How to develop a cooldown with Express-Session

Viewed 52 times

0

Hello, I am developing a feedback system. The person fills in some data, sends it, and it is saved in the database. However, for security reasons, I wanted to create a cooldown so that the person can only send another feedback after 24 hours, for example. I tried to create sessions, but none of them worked properly. Does anyone have an idea?

Controller:

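```
// `router` is assumed to be an express.Router() and `Feedback` the ORM model,
// both defined elsewhere in the application.
router.post('/send-feedback', (req, res) => {
    const { name, email, description } = req.body

    // Save the feedback, then redirect back with a success flash message.
    Feedback.create({
        client_name: name,
        client_email: email,
        client_feedback: description
    }).then(() => {
        req.flash('success', 'Muito obrigado pelo Feedback, é muito importante para mim!')
        return res.redirect('/feedback')
    })
})
```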

1 answer

0


The most secure approach is to save in the database the last time the person (email) sent feedback. Then, before accepting, you check whether more than 24 hours have passed since that person's last record in the database.

With sessions it is not good, as the user can delete cookies, use another device, etc.

  • But what if the user changes the email? Technically they could flood.

  • Yes, it can always be circumvented; there is no 100% secure system. Then you go for a multiple key: email + ip + cookie, and so on.
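
One way to implement the check described in the answer and its comments, as an added example that is not part of the original answer: a 24-hour cooldown keyed on email, IP and cookie id. The `Map` stands in for the database table, and `createFeedbackCooldown`, `check`, `record` and the sample identities are hypothetical names and constructed values.

```javascript
// Added example: 24-hour feedback cooldown keyed on email + IP + cookie id.
// The Map stands in for a database table of (key, last_sent_at) rows.
const COOLDOWN_MS = 24 * 60 * 60 * 1000;

function createFeedbackCooldown(store = new Map(), windowMs = COOLDOWN_MS) {
  // Normalise so " A@Example.com " and "a@example.com" are the same sender.
  function keysFor({ email, ip, cookieId }) {
    const keys = [];
    if (email) keys.push('email:' + email.trim().toLowerCase());
    if (ip) keys.push('ip:' + ip);
    if (cookieId) keys.push('cookie:' + cookieId);
    return keys;
  }

  // A hit on ANY key blocks the request, so changing only the email or
  // clearing the cookie alone does not reset the cooldown.
  function check(identity, now = Date.now()) {
    let retryAfterMs = 0;
    for (const key of keysFor(identity)) {
      const last = store.get(key);
      if (last !== undefined && now - last < windowMs) {
        retryAfterMs = Math.max(retryAfterMs, windowMs - (now - last));
      }
    }
    return { allowed: retryAfterMs === 0, retryAfterMs };
  }

  // Call only after the feedback row was saved successfully.
  function record(identity, now = Date.now()) {
    for (const key of keysFor(identity)) store.set(key, now);
  }

  return { check, record };
}

// Constructed sample run (timestamps in ms, identities invented).
function demo() {
  const cd = createFeedbackCooldown();
  const t0 = 1700000000000;
  const alice = { email: 'Alice@example.com', ip: '203.0.113.7', cookieId: 'c1' };
  const sameIp = { email: 'other@example.com', ip: '203.0.113.7' }; // new email, no cookie
  const results = [cd.check(alice, t0).allowed];             // first submission
  cd.record(alice, t0);
  results.push(cd.check(alice, t0 + 60000).allowed);         // one minute later
  results.push(cd.check(sameIp, t0 + 60000).allowed);        // blocked by the IP key
  results.push(cd.check(alice, t0 + COOLDOWN_MS + 1).allowed); // more than 24 h later
  return results;
}
```

In the route, call `check` before `Feedback.create` and `record` inside its `.then`. Keying on IP also blocks other users behind the same NAT or proxy.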
