Skip to content

Commit

Permalink
Remove signed cookie cache because of adding IP address condition.
Browse files Browse the repository at this point in the history
  • Loading branch information
EarthlingDavey committed Dec 6, 2024
1 parent 8dd6680 commit 65c0534
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 38 deletions.
41 changes: 6 additions & 35 deletions conf/node/controllers/cloudfront.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,23 +7,8 @@ import {
cloudFrontPrivateKey as privateKey,
} from "../constants.js";

/**
* @typedef {Object} CookieSet
* @property {import('@aws-sdk/cloudfront-signer').CloudfrontSignedCookiesOutput} value
* @property {number} dateLessThan - epoch in milliseconds
*/

/**
* @typedef {Object} Cache
* @property {string|null} keyPairId - will only change on server restart
* @property {[key: string]: CookieSet} cookieSets
*/

/** @type {Cache} */
const cache = {
keyPairId: null,
cookieSets: {},
};
/** @type {string} */
let cachedKeyPairId = null;

/**
* Infer the CloudFront CDN URL from the app host
Expand Down Expand Up @@ -53,8 +38,8 @@ export const getCdnUrl = (appUrl) => {

export const getKeyPairId = () => {
// Return the cached value if it exists
if (cache.keyPairId) {
return cache.keyPairId;
if (cachedKeyPairId) {
return cachedKeyPairId;
}

// Get sha256 hash of the public key, and get the first 8 characters.
Expand All @@ -72,7 +57,7 @@ export const getKeyPairId = () => {
throw new Error("Key pair ID not found");
}

cache.keyPairId = keyPairId;
cachedKeyPairId = keyPairId;

return keyPairId;
};
Expand Down Expand Up @@ -102,19 +87,11 @@ export const getDateLessThan = () => {
* @param {Object} props
* @param {string} props.resource
* @param {number} props.dateLessThan
* @param {string} props.ipAddress
* @returns {import('@aws-sdk/cloudfront-signer').CloudfrontSignedCookiesOutput} cookies - The signed CloudFront cookies
*/

export const getCookies = ({ resource, dateLessThan, ipAddress }) => {
// Check if the cache has a value for the resource
const cachedValue =
cache.cookieSets?.[resource]?.dateLessThan === dateLessThan;

// Return the cached value if it exists
if (cachedValue) {
return cachedValue;
}

const policy = {
Statement: [
{
Expand All @@ -139,11 +116,5 @@ export const getCookies = ({ resource, dateLessThan, ipAddress }) => {
policy: policyString,
});

// Set the cache
cache.cookieSets[resource] = {
dateLessThan,
value: signedCookies,
};

return signedCookies;
};
6 changes: 3 additions & 3 deletions conf/node/server.js
Original file line number Diff line number Diff line change
Expand Up @@ -105,10 +105,10 @@ app.get("/access-archive", async function (req, res, next) {
});
});

// Send a metadata html tag to redirect to the cdnUrl
const html = `<html><head><meta http-equiv="refresh" content="0; url=${cdnUrl.origin}" /></head></html>`;
// http://app.archive.intranet.docker/access-archive

res.status(200).send(html);
// Redirect to the CDN URL.
res.redirect(cdnUrl.origin);
} catch (err) {
next(err);
}
Expand Down

0 comments on commit 65c0534

Please sign in to comment.