search

fastify / fastify-secure-session

Create a secure stateless cookie session for Fastify
MIT License
201 stars 45 forks source link

changed value should be set to true when modifying objects within session #217

Closed Nanosync closed 4 months ago

Nanosync commented 5 months ago

Prerequisites

Fastify version

4.26.2

Plugin version

7.1.0

Node.js version

18.8.2

Operating system

macOS

Operating system version (i.e. 20.04, 11.3, 10)

13.6.4

Description

Modifying objects in session does not set changed to true.

Steps to Reproduce

See passport-oauth2 - PKCESessionStore (code permalink attached)

https://github.com/jaredhanson/passport-oauth2/blob/be9bf58cee75938c645a9609f0cc87c4c724e7c8/lib/state/pkcesession.js#L48

req.session[key].state = sstate;

This line modifies an object within session, however session[key] is not proxied. Changing this value won't set changed to true.

Expected Behavior

changed should be set to true when modifying an object/array within session.

mcollina commented 5 months ago

Thanks for reporting! Would you like to send a Pull Request to address this issue? Remember to add unit tests.