From baf61e37e4deb1ebef558662c596b6d237e1092f Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 2 Dec 2021 16:04:44 +0000
Subject: [PATCH 1/5] Removing auto columns from export - the new table will
 provide these if required.

---
 .../server/src/api/controllers/view/index.js    | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/packages/server/src/api/controllers/view/index.js b/packages/server/src/api/controllers/view/index.js
index 3b43ef2408..b4399f416d 100644
--- a/packages/server/src/api/controllers/view/index.js
+++ b/packages/server/src/api/controllers/view/index.js
@@ -77,6 +77,7 @@ exports.exportView = async ctx => {
   }
 
   await fetchView(ctx)
+  let rows = ctx.body
 
   let schema = view && view.meta && view.meta.schema
   if (!schema) {
@@ -85,11 +86,23 @@ exports.exportView = async ctx => {
     schema = table.schema
   }
 
+  // remove any auto columns
+  const autocolumns = Object.entries(schema)
+    .filter(entry => entry[1].autocolumn)
+    .map(entry => entry[0])
+  rows.forEach(row => {
+    autocolumns.forEach(column => delete row[column])
+  })
+  // delete auto columns from schema
+  autocolumns.forEach(column => {
+    delete schema[column]
+  })
+
   // make sure no "undefined" entries appear in the CSV
   if (format === exporters.ExportFormats.CSV) {
     const schemaKeys = Object.keys(schema)
     for (let key of schemaKeys) {
-      for (let row of ctx.body) {
+      for (let row of rows) {
         if (row[key] == null) {
           row[key] = ""
         }
@@ -103,5 +116,5 @@ exports.exportView = async ctx => {
   const filename = `${viewName}.${format}`
   // send down the file
   ctx.attachment(filename)
-  ctx.body = apiFileReturn(exporter(headers, ctx.body))
+  ctx.body = apiFileReturn(exporter(headers, rows))
 }

From 560a96b503ee3cd832e40ec7c7e814d0ba8abd01 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 2 Dec 2021 16:17:10 +0000
Subject: [PATCH 2/5] Exporting date and auto id field, but not importing
 autocolumns when table is created.

---
 packages/server/src/api/controllers/table/utils.js |  1 +
 packages/server/src/api/controllers/view/index.js  | 13 +++++++------
 packages/server/src/utilities/csvParser.js         |  7 +++++--
 3 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/packages/server/src/api/controllers/table/utils.js b/packages/server/src/api/controllers/table/utils.js
index 0623fc64b5..e4086e8071 100644
--- a/packages/server/src/api/controllers/table/utils.js
+++ b/packages/server/src/api/controllers/table/utils.js
@@ -75,6 +75,7 @@ exports.handleDataImport = async (appId, user, table, dataImport) => {
   if (!dataImport || !dataImport.csvString) {
     return table
   }
+
   const db = new CouchDB(appId)
   // Populate the table with rows imported from CSV in a bulk update
   const data = await csvParser.transform({
diff --git a/packages/server/src/api/controllers/view/index.js b/packages/server/src/api/controllers/view/index.js
index b4399f416d..9a844fedff 100644
--- a/packages/server/src/api/controllers/view/index.js
+++ b/packages/server/src/api/controllers/view/index.js
@@ -5,6 +5,7 @@ const exporters = require("./exporters")
 const { saveView, getView, getViews, deleteView } = require("./utils")
 const { fetchView } = require("../row")
 const { getTable } = require("../table/utils")
+const { FieldTypes } = require("../../../constants")
 
 exports.fetch = async ctx => {
   const db = new CouchDB(ctx.appId)
@@ -86,15 +87,15 @@ exports.exportView = async ctx => {
     schema = table.schema
   }
 
-  // remove any auto columns
-  const autocolumns = Object.entries(schema)
-    .filter(entry => entry[1].autocolumn)
+  // remove any relationships
+  const relationships = Object.entries(schema)
+    .filter(entry => entry[1].type === FieldTypes.LINK)
     .map(entry => entry[0])
   rows.forEach(row => {
-    autocolumns.forEach(column => delete row[column])
+    relationships.forEach(column => delete row[column])
   })
-  // delete auto columns from schema
-  autocolumns.forEach(column => {
+  // delete relationships from schema
+  relationships.forEach(column => {
     delete schema[column]
   })
 
diff --git a/packages/server/src/utilities/csvParser.js b/packages/server/src/utilities/csvParser.js
index c548a71758..8f9b3373c9 100644
--- a/packages/server/src/utilities/csvParser.js
+++ b/packages/server/src/utilities/csvParser.js
@@ -102,8 +102,11 @@ async function transform({ schema, csvString, existingTable }) {
     schema = updateSchema({ schema, existingTable })
   }
 
-  for (let key of Object.keys(schema)) {
-    colParser[key] = PARSERS[schema[key].type] || schema[key].type
+  for (let [key, field] of Object.entries(schema)) {
+    // don't import data to auto columns
+    if (!field.autocolumn) {
+      colParser[key] = PARSERS[field.type] || field.type
+    }
   }
 
   try {

From 71e93a20a141a425bbfeeac126dd7771a3d8b1cf Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Fri, 3 Dec 2021 10:31:09 +0000
Subject: [PATCH 3/5] Refactor.

---
 packages/server/src/api/controllers/view/index.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/packages/server/src/api/controllers/view/index.js b/packages/server/src/api/controllers/view/index.js
index 9a844fedff..e3232323bf 100644
--- a/packages/server/src/api/controllers/view/index.js
+++ b/packages/server/src/api/controllers/view/index.js
@@ -91,11 +91,11 @@ exports.exportView = async ctx => {
   const relationships = Object.entries(schema)
     .filter(entry => entry[1].type === FieldTypes.LINK)
     .map(entry => entry[0])
-  rows.forEach(row => {
-    relationships.forEach(column => delete row[column])
-  })
-  // delete relationships from schema
+  // iterate relationship columns and remove from and row and schema
   relationships.forEach(column => {
+    rows.forEach(row => {
+      delete row[column]
+    })
     delete schema[column]
   })
 

From e6b3521ed52bfe8cc061881482cdf0d8fcfffbb0 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Fri, 3 Dec 2021 11:17:48 +0000
Subject: [PATCH 4/5] Extending logout TTL from a day to a week.

---
 packages/auth/src/security/sessions.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/auth/src/security/sessions.js b/packages/auth/src/security/sessions.js
index 93c2d0a9ca..ad21627bd9 100644
--- a/packages/auth/src/security/sessions.js
+++ b/packages/auth/src/security/sessions.js
@@ -1,6 +1,7 @@
 const redis = require("../redis/authRedis")
 
-const EXPIRY_SECONDS = 86400
+// a week in seconds
+const EXPIRY_SECONDS = 86400 * 7
 
 async function getSessionsForUser(userId) {
   const client = await redis.getSessionClient()

From b1cc0d0783a283040434a001094292bf9c72ffce Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Fri, 3 Dec 2021 12:39:20 +0000
Subject: [PATCH 5/5] Setting auth cookie to not expire.

---
 packages/auth/src/constants.js                  |  1 +
 packages/auth/src/utils.js                      |  9 +++++----
 .../worker/src/api/controllers/global/auth.js   | 17 +----------------
 3 files changed, 7 insertions(+), 20 deletions(-)

diff --git a/packages/auth/src/constants.js b/packages/auth/src/constants.js
index 9892275bec..363274eda5 100644
--- a/packages/auth/src/constants.js
+++ b/packages/auth/src/constants.js
@@ -34,4 +34,5 @@ exports.Configs = {
   OIDC_LOGOS: "logos_oidc",
 }
 
+exports.MAX_VALID_DATE = new Date(2147483647000)
 exports.DEFAULT_TENANT_ID = "default"
diff --git a/packages/auth/src/utils.js b/packages/auth/src/utils.js
index f7ab5d6990..b8fa7b9588 100644
--- a/packages/auth/src/utils.js
+++ b/packages/auth/src/utils.js
@@ -7,7 +7,7 @@ const {
 const jwt = require("jsonwebtoken")
 const { options } = require("./middleware/passport/jwt")
 const { createUserEmailView } = require("./db/views")
-const { Headers, UserStatus, Cookies } = require("./constants")
+const { Headers, UserStatus, Cookies, MAX_VALID_DATE } = require("./constants")
 const {
   getGlobalDB,
   updateTenantId,
@@ -83,14 +83,15 @@ exports.getCookie = (ctx, name) => {
  * @param {object} ctx The request which is to be manipulated.
  * @param {string} name The name of the cookie to set.
  * @param {string|object} value The value of cookie which will be set.
+ * @param {object} opts options like whether to sign.
  */
-exports.setCookie = (ctx, value, name = "builder") => {
-  if (value) {
+exports.setCookie = (ctx, value, name = "builder", opts = { sign: true }) => {
+  if (value && opts && opts.sign) {
     value = jwt.sign(value, options.secretOrKey)
   }
 
   const config = {
-    maxAge: Number.MAX_SAFE_INTEGER,
+    expires: MAX_VALID_DATE,
     path: "/",
     httpOnly: false,
     overwrite: true,
diff --git a/packages/worker/src/api/controllers/global/auth.js b/packages/worker/src/api/controllers/global/auth.js
index 592787c5ea..cd7d8abcee 100644
--- a/packages/worker/src/api/controllers/global/auth.js
+++ b/packages/worker/src/api/controllers/global/auth.js
@@ -56,26 +56,11 @@ async function authInternal(ctx, user, err = null, info = null) {
     return ctx.throw(403, info ? info : "Unauthorized")
   }
 
-  const expires = new Date()
-  expires.setDate(expires.getDate() + 1)
-
   if (!user) {
     return ctx.throw(403, info ? info : "Unauthorized")
   }
 
-  const config = {
-    expires,
-    path: "/",
-    httpOnly: false,
-    overwrite: true,
-  }
-
-  if (env.COOKIE_DOMAIN) {
-    config.domain = env.COOKIE_DOMAIN
-  }
-
-  // just store the user ID
-  ctx.cookies.set(Cookies.Auth, user.token, config)
+  setCookie(ctx, user.token, Cookies.Auth, { sign: false })
   // get rid of any app cookies on login
   // have to check test because this breaks cypress
   if (!env.isTest()) {