EXUI-382 - Session cookie (#3944)

* Setup random allocation of sering session cookie, check if we can use pod name in aut setup * Add appinsight log when pod is using session cookie * add logger * add logger * up the limmit * Remove error log for debug
hmcts · Oct 21, 2024 · 1d4a80c · 1d4a80c
1 parent 6fb3261
commit 1d4a80c
Showing 1 changed file with 19 additions and 4 deletions.
diff --git a/api/auth/index.ts b/api/auth/index.ts
@@ -1,4 +1,4 @@
-import { AUTH, AuthOptions, xuiNode } from '@hmcts/rpx-xui-node-lib';
+import { AUTH, AuthOptions, SessionMetadata, xuiNode } from '@hmcts/rpx-xui-node-lib';
 import { NextFunction, Response } from 'express';
 import { getConfigValue, showFeature } from '../configuration';
 import {
@@ -25,12 +25,21 @@ import {
   SYSTEM_USER_NAME,
   SYSTEM_USER_PASSWORD
 } from '../configuration/references';
-import { client } from '../lib/appInsights';
+import { client, trackTrace } from '../lib/appInsights';
 import * as log4jui from '../lib/log4jui';
 import { EnhancedRequest } from '../lib/models';
 
 const logger = log4jui.getLogger('auth');
 
+const totalReplicas = 24;
+const specialReplicasCount = 5;
+
+function shouldSetSessionCookieFlag(totalReplicas, specialReplicasCount) {
+  const randomNumber = Math.floor(Math.random() * totalReplicas);
+  return randomNumber < specialReplicasCount;
+}
+const isSpecialPod = shouldSetSessionCookieFlag(totalReplicas, specialReplicasCount);
+
 export const successCallback = (req: EnhancedRequest, res: Response, next: NextFunction) => {
   const { user } = req.session.passport;
   const { userinfo } = user;
@@ -110,14 +119,20 @@ export const getXuiNodeMiddleware = () => {
   const baseStoreOptions = {
     cookie: {
       httpOnly: true,
-      maxAge: 28800000,
       secure: showFeature(FEATURE_SECURE_COOKIE_ENABLED)
     },
     name: 'xui-webapp',
     resave: false,
     saveUninitialized: false,
     secret: getConfigValue(SESSION_SECRET)
-  };
+  } as SessionMetadata;
+
+  if (!isSpecialPod){
+    baseStoreOptions.cookie.maxAge = 28800000;
+  } else {
+    trackTrace('Pod is serving session cookie');
+    logger.info('Pod is serving session cookie');
+  }
 
   const redisStoreOptions = {
     redisStore: {