From 55724221e892eb1033665ff1595374e10c64d0e9 Mon Sep 17 00:00:00 2001
From: Frieder Schrempf <frieder@fris.de>
Date: Fri, 5 Apr 2024 11:04:49 +0200
Subject: [PATCH] Check if cookie expired when doing CT API login

Otherwise we might use an expired cookie which causes unauthenticated
API requests and therefore incomplete data to be returned.
---
 package-lock.json   | 14 ++++++++++++++
 package.json        |  1 +
 src/ctconnection.js | 11 ++++++++++-
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/package-lock.json b/package-lock.json
index b8f3d3e..edac37f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,6 +10,7 @@
       "license": "GPL-3.0-or-later",
       "dependencies": {
         "axios": "^0.21.4",
+        "cookie": "^0.6.0",
         "ldap-escape": "^2.0.5",
         "ldap-filter": "^0.3.3",
         "ldapjs": "^2.3.1",
@@ -557,6 +558,14 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/cookie": {
+      "version": "0.6.0",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+      "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
     "node_modules/core-util-is": {
       "version": "1.0.2",
       "license": "MIT"
@@ -3359,6 +3368,11 @@
       "version": "1.0.11",
       "dev": true
     },
+    "cookie": {
+      "version": "0.6.0",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+      "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw=="
+    },
     "core-util-is": {
       "version": "1.0.2"
     },
diff --git a/package.json b/package.json
index 035ac8e..65ec5d0 100644
--- a/package.json
+++ b/package.json
@@ -24,6 +24,7 @@
   },
   "dependencies": {
     "axios": "^0.21.4",
+    "cookie": "^0.6.0",
     "ldap-escape": "^2.0.5",
     "ldap-filter": "^0.3.3",
     "ldapjs": "^2.3.1",
diff --git a/src/ctconnection.js b/src/ctconnection.js
index a17c684..d9584b1 100644
--- a/src/ctconnection.js
+++ b/src/ctconnection.js
@@ -1,4 +1,5 @@
 const axiosReal = require('axios').default;
+const cookie = require('cookie');
 const log = require('./logging');
 const c = require('./constants');
 const ctapi = require('./ctapi');
@@ -60,6 +61,14 @@ let getCsrfToken = this.getCsrfTokenReal;
 
 const getCookie = (result) => result.headers['set-cookie'][0];
 
+const cookieIsValid = (c) => {
+  const parsed = cookie.parse(c);
+  const expires = Date.parse(parsed.expires);
+  if (expires > Date.now()) return true;
+  log.info('Cookie expired');
+  return false;
+};
+
 const getLoginRequest = (baseurl, user, password) => ({
   method: 'post',
   url: baseurl + c.API_SLUG + c.LOGIN_AP,
@@ -129,7 +138,7 @@ exports.getPromiseReal = async (url, site) => {
   while (retryWithAuth) {
     retryWithAuth = false;
     try {
-      if (!this.isConnected(site.name)) {
+      if (!this.isConnected(site.name) || !cookieIsValid(conn.cookie)) {
         log.debug('Try again to log in');
         await this.login(site);
       }