From 79a7c1457ed5483f5b865d72ddfafc0f7e8bc8a1 Mon Sep 17 00:00:00 2001
From: Luigi Pinca <luigipinca@gmail.com>
Date: Mon, 18 May 2015 15:27:10 +0200
Subject: [PATCH] changed the configuration of the session middleware

---
 app.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/app.js b/app.js
index 4b1d387..3d039a4 100644
--- a/app.js
+++ b/app.js
@@ -22,6 +22,7 @@ var banHandler = require('./lib/middleware/ban-handler')
  */
 
 var app = express()
+  , production = process.env.NODE_ENV === 'production'
   , pub = __dirname + '/public' // Path to public directory
   , sessionstore = new RedisStore({client: usersdb})
   , server = http.createServer(app); // HTTP server object
@@ -34,8 +35,12 @@ app.use(banHandler);
 app.use(urlencoded({extended: false}));
 app.use(cookieParser);
 app.use(session({
-  cookie: {maxAge: 14400000}, // 4 h = 14400000 ms
-  resave: true,
+  cookie: {
+    secure: production,
+    maxAge: 14400000 // 4 h = 14400000 ms
+  },
+  proxy: production,
+  resave: false,
   rolling: true,
   saveUninitialized: true,
   secret: secret,
-- 
2.54.0