Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bad Request causes bad JSON response #112

Open
G-Adams opened this issue Jun 29, 2020 · 2 comments
Open

Bad Request causes bad JSON response #112

G-Adams opened this issue Jun 29, 2020 · 2 comments

Comments

@G-Adams
Copy link

G-Adams commented Jun 29, 2020
edited
Loading

When querying an invalid column name the JSON response is missing the last curly brace only when the store is instantiated for the session. If session store is not used this issue does not present. This occurs only with bad requests (400).

with store:
{ "message": "Bad Request"

without store:
{ "message": "Bad Request" }

Similar issue here. The workaround posited does fix the problem, but I'm unsure why implementing the store causes the workaround to be necessary.

Express/Session are most recent version as of this post.

Code:

const bodyParser = require('body-parser');
const fs = require('fs');
const https = require('https');

const app = express();
const session = require('express-session');
const MySQLStore = require('express-mysql-session')(session);
const { serverError } = require('./utils/response');
const { log } = require('./utils');
const prototypes = require('./utils/prototypes');
const db = require('./utils/db/mysql');

db.connect();
const mysqlConn = db.pool;
const storeOptions = {
	host: process.env.DB_HOST,
	port: process.env.DB_PORT,
	user: process.env.DB_USER,
	password: process.env.DB_PASSWORD,
	database: process.env.DB_DATABASE,
};
const sessionStore = new MySQLStore(storeOptions, mysqlConn);
// load all prototypes on initial startup
for (const func of Object.values(prototypes)) {
	func();
}

// Tell express to use these middleware functions for every request
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
	extended: false,
}));
let useSecure = true;
if (process.env.SECURE) {
	useSecure = process.env.SECURE === 'true';
}

app.use(session({
	secret: process.env.SESSION_SECRET,
	resave: false,
	saveUninitialized: false,
	rolling: true,
	store: sessionStore, // Commenting out this line fixes the bad request issue but does not instantiate store
	cookie: {
		sameSite: 'lax',
		secure: !!process.env.SECURE_CONTEXT,
		// 24 minutes - should use env variable
		maxAge: parseInt(process.env.SESSION_LENGTH, 10) || 1440000,
	},
}));
@chill117
Copy link
Owner

This looks like an issue with the express-session module.

@G-Adams
Copy link
Author

G-Adams commented Jul 15, 2020

@chill117 here is a repository where you can verify that this issue presents somewhere between express-mysql-session and express-session which has to do with a content length mismatch resulting in the broken response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chill117 @G-Adams