Removed express-sessions

modules/api/api.js

@@ -22,7 +22,6 @@ const express = require('express')
 const bodyParser = require('body-parser')
 const busboy = require('connect-busboy')
 const cookieParser = require('cookie-parser')
-const session = require('express-session')
 const uuidv4 = require('uuid/v4') // TODO: deprecated, but imports are not supported
 const fs = require('fs')
 const app = express()
@@ -70,29 +69,8 @@ function CreateDB () {
 }
 CreateDB()
 
-// TODO: https and testing
-// var app = express()
-// var sess = {
-//   secret: 'keyboard cat',
-//   cookie: {}
-// }
-//
-// if (app.get('env') === 'production') {
-//   app.set('trust proxy', 1) // trust first proxy
-//   sess.cookie.secure = true // serve secure cookies
-// }
-//
-// app.use(session(sess))
-
 const cookieSecret = uuidv4()
-app.use(session({
-  secret: cookieSecret,
-  resave: false,
-  saveUninitialized: true
-}))
-app.use(cookieParser({
-  secret: cookieSecret
-}))
+app.use(cookieParser(cookieSecret))
 app.use(bodyParser.urlencoded({
   limit: '10mb',
   extended: true
@@ -157,10 +135,6 @@ app.post('/login', (req, res) => {
   if (user) {
     const sessionID = uuidv4()
 
-    // Setting session
-    req.session.user = user
-    req.session.sessionID = sessionID
-
     // FIXME: Users now can only log in in one session, this might be too strict.
     const existingSessions = dbtools.Select(authDB, 'sessions', {
       userID: user.id
@@ -207,12 +181,6 @@ app.post('/login', (req, res) => {
 app.post('/logout', (req, res) => {
   logger.LogReq(req)
   const sessionID = req.cookies.sessionID
-  const userID = req.session.user.id
-
-  // destroying session
-  req.session.destroy(function () {
-    logger.Log(`User ${userID} logout`, logger.GetColor('cyan'))
-  })
 
   // removing session from db
   dbtools.Delete(authDB, 'sessions', {