hapijs / cookie

Cookie authentication plugin

cookieAuth.ttl not overwriting keepAlive ttl #187

Closed antoniosanmartin closed 5 years ago

antoniosanmartin commented 6 years ago

I am using the plugin for a REST API using hapi 16.6.2 and hapi-auth-cookie 7.0.0. I set keepAlive: true in the plugin initialization. In the login controller I have a "remember me" parameter which sets the ttl (request.cookieAuth.ttl) to 15 days. This is not possible, as the keepAlive function overwrites it with the default ttl. Am I missing something? Is this not the right approach for a "remember me"?

raxell commented 5 years ago

Late response, but I hope it can be useful to others facing this issue.

You can use the lifecycle events to work around the issue. In the login handler, store a "remember" flag in the cookie, then listen to onCredentials to update the ttl overridden by keepAlive according to this flag. Something like this:

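```js
// cookieAuth.ttl() takes milliseconds, so 15 days needs the * 1000 factor
const rememberMeTtl = 15 * 24 * 60 * 60 * 1000; // 15 days

// Runs on every request after authentication, i.e. after keepAlive
// has reset the cookie ttl to the plugin default
server.ext('onCredentials', (req, h) => {

    // 'sid' is the plugin's default cookie name
    const session = req.state.sid;

    if (session && session.remember) {
        req.cookieAuth.ttl(rememberMeTtl);
    }

    return h.continue;
});

server.route({
    method: 'POST',
    path: '/login',
    // other options ...
    handler(req, h) {

        // your login logic ...

        req.cookieAuth.set(userData);

        if (req.payload.rememberMe) {
            // Persist the choice in the session so onCredentials can see it
            req.cookieAuth.set('remember', true);
            req.cookieAuth.ttl(rememberMeTtl);
        }

        // A hapi 17+ handler must return a value
        return h.response().code(204);
    }
});
```
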
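
Added example, not part of the thread or of the plugin's code: because the workaround re-applies the 15-day ttl on every request, a remembered session that stays active never expires, so this sketch caps the sliding ttl with an absolute lifetime. It assumes the login handler also stores a hypothetical `issuedAt: Date.now()` field in the session; `DEFAULT_TTL` and `MAX_LIFETIME` are assumed values.

```javascript
'use strict';

// All values in milliseconds, the unit cookieAuth.ttl() expects.
const DEFAULT_TTL = 30 * 60 * 1000;            // assumed plugin-level ttl
const REMEMBER_TTL = 15 * 24 * 60 * 60 * 1000; // 15 days, as in the thread
const MAX_LIFETIME = 30 * 24 * 60 * 60 * 1000; // hypothetical absolute cap

// Returns the ttl to apply on this request, or 0 when the session must end.
// `session` is the decoded cookie content; `issuedAt` is the hypothetical
// login timestamp stored next to the `remember` flag.
function sessionTtl(session, now = Date.now()) {
    if (!session || !Number.isFinite(session.issuedAt)) {
        return 0; // no session, or nothing to measure the age against
    }

    const age = now - session.issuedAt;
    if (age < 0 || age >= MAX_LIFETIME) {
        return 0; // timestamp in the future, or absolute lifetime used up
    }

    // Only a strict boolean true selects the long ttl.
    const sliding = session.remember === true ? REMEMBER_TTL : DEFAULT_TTL;

    // Never let the cookie outlive the absolute cap.
    return Math.min(sliding, MAX_LIFETIME - age);
}

// onCredentials extension in the style of the answer above (hapi 17+).
function onCredentials(req, h) {
    const session = req.state.sid; // 'sid' is the plugin's default cookie name
    if (!session) {
        return h.continue;
    }

    const ttl = sessionTtl(session);
    if (ttl === 0) {
        // The current request still completes; the next one must log in again.
        req.cookieAuth.clear();
    } else {
        req.cookieAuth.ttl(ttl);
    }

    return h.continue;
}
```

Register it with `server.ext('onCredentials', onCredentials)` in place of the inline extension.
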
lock[bot] commented 4 years ago

This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.