Add ip_address and session_created to the session user object.

2024-11-07 20:31:06 -05:00 · 2016-07-01 15:49:07 +01:00 · 2016-07-01 15:49:07 +01:00 · 0ac9b05d02
commit 0ac9b05d02
parent f1653d01b7
2 changed files with 6 additions and 0 deletions
--- a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
+++ b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
@ -133,6 +133,8 @@ module.exports = AuthenticationController =
 			isAdmin: user.isAdmin
 			email: user.email
 			referal_id: user.referal_id
+			session_created: (new Date()).toISOString()
+			ip_address: req.ip
 		# Regenerate the session to get a new sessionID (cookie value) to
 		# protect against session fixation attacks
 		oldSession = req.session
--- a/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee
+++ b/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee
@ -369,6 +369,7 @@ describe "AuthenticationController", ->
 				destroy : sinon.stub()
 			@req.sessionStore =
 				generate: sinon.stub()
+			@req.ip = "1.2.3.4"
 			@AuthenticationController.establishUserSession @req, @user, @callback

 		it "should set the session user to a basic version of the user", ->
@ -378,6 +379,9 @@ describe "AuthenticationController", ->
 			@req.session.user.last_name.should.equal @user.last_name
 			@req.session.user.referal_id.should.equal @user.referal_id
 			@req.session.user.isAdmin.should.equal @user.isAdmin
+			@req.session.user.ip_address.should.equal @req.ip
+			expect(typeof @req.session.user.ip_address).to.equal 'string'
+			expect(typeof @req.session.user.session_created).to.equal 'string'

 		it "should destroy the session", ->
 			@req.session.destroy.called.should.equal true