OpenUserJS · Martii · Jun 8, 2018 · Jun 8, 2018
diff --git a/controllers/user.js b/controllers/user.js
@@ -53,6 +53,8 @@ var countTask = require('../libs/tasks').countTask;
 var pageMetadata = require('../libs/templateHelpers').pageMetadata;
 var orderDir = require('../libs/templateHelpers').orderDir;
 
+var extendSession = require('../libs/modifySessions').extend;
+
 //--- Configuration inclusions
 var userRoles = require('../models/userRoles.json');
 var strategies = require('./strategies.json');
@@ -115,7 +117,6 @@ exports.exist = function (aReq, aRes) {
 
 // API - Request for extending a logged in user session
 exports.extend = function (aReq, aRes, aNext) {
-  //
   var authedUser = aReq.session.user;
 
   if (!authedUser) {
@@ -127,32 +128,22 @@ exports.extend = function (aReq, aRes, aNext) {
     _id: authedUser._id,
     sessionsIds: { "$in": [ aReq.session._id ] }
   }, function (aErr, aUser) {
-    var options = {};
-    var user = null;
-
-    if (aErr) {
-      console.error(aErr);
-      statusCodePage(aReq, aRes, aNext, {
-        statusCode: 500,
-        statusMessage: 'Server Error'
-      });
-      return;
-    }
-
-    if (!aUser) {
-      aNext();
-      return;
-    }
+    extendSession(aReq, aUser, function (aErr) {
+      if (aErr) {
+        if (aErr === 'Already extended') {
+          aNext();
+          return;
+        }
 
-    if (aReq.session.cookie.expires) {
-      aReq.session.cookie.expires = false;
-      aReq.session.save();
+        statusCodePage(aReq, aRes, aNext, {
+          statusCode: 500,
+          statusMessage: aErr
+        });
+        return;
+      }
 
       aRes.redirect('back');
-    } else {
-      aNext();
-      return;
-    }
+    });
   });
 };
 

diff --git a/libs/modifySessions.js b/libs/modifySessions.js
@@ -31,7 +31,7 @@ function serializeUser(aUser) {
   return userObj;
 }
 
-// Add a new session id to the user model
+// Add a single new session id to the user model
 exports.add = function (aReq, aUser, aCallback) {
   var store = aReq.sessionStore;
 
@@ -62,7 +62,26 @@ exports.add = function (aReq, aUser, aCallback) {
   }
 };
 
-// Remove a session id from the user model **and** the session store
+// Extend a single session
+exports.extend = function (aReq, aUser, aCallback) {
+  if (!aUser) {
+    aCallback('No User');
+    return;
+  }
+
+  if (!aReq.session.cookie.expires) {
+    aCallback('Already extended');
+    return;
+  }
+
+  // NOTE: Currently allow on any session with
+  //   no additional User restrictions yet
+
+  aReq.session.cookie.expires = false;
+  aReq.session.save(aCallback);
+};
+
+// Remove a single session id from the user model **and** the session store
 exports.remove = function (aReq, aUser, aCallback) {
   var pos = aUser && aUser.sessionIds ?
     aUser.sessionIds.indexOf(aReq.sessionID) : -1;
@@ -86,13 +105,17 @@ exports.update = function (aReq, aUser, aCallback) {
   var store = aReq.sessionStore;
   var userObj = aUser ? serializeUser(aUser) : null;
 
-  if (!aUser || !aUser.sessionIds) { return aCallback('No sessions', null); }
+  if (!aUser || !aUser.sessionIds) {
+    aCallback('No sessions', null);
+    return;
+  }
 
   async.each(aUser.sessionIds, function (aId, aCb) {
     store.get(aId, function (aErr, aSess) {
       // Invalid session, will be removed on login
       if (aErr || !aSess) {
-        return aCb(null);
+        aCb(null);
+        return;
       }
 
       aSess.user = userObj;
@@ -113,7 +136,10 @@ exports.destroy = function (aReq, aUser, aCallback) {
     }
   };
 
-  if (!aUser || !aUser.sessionIds) { return aCallback('No sessions', null); }
+  if (!aUser || !aUser.sessionIds) {
+    aCallback('No sessions', null);
+    return;
+  }
 
   async.each(aUser.sessionIds, function (aId, aCb) {
     store.set(aId, emptySess, aCb);