hof 22.11.0-custom-session-timeout-beta.1 → 22.11.0-custom-session-timeout-beta.2

package/CHANGELOG.md

@@ -1,14 +1,14 @@
-## 2025-11-11, Version 22.11.0 , @Rhodine-orleans-lindsay
+## 2025-11-15, Version 22.11.0 (Stable), @Rhodine-orleans-lindsay
 
 ### Changed
 - Updated custom session-timeout handling so that custom behaviours are not blocked by a `404` middleware error.
 
 ### Added
 - Added a `CUSTOM_SESSION_EXPIRY` environment variable so that a time other than the redis session ttl can be used for the session timeout. **IMPORTANT**: The `CUSTOM_SESSION_EXPIRY` variable must always a time before the redis session ttl would expire so that behaviours can run before the `SESSION_TIMEOUT` middleware is triggered.
-- Added a `CUSTOM_SESSION_TIMEOUT` that is `false` by default. When set to `true` the the '/session-timeout' page can run before the session expires without triggering a `404` middleware error.
+- Added a `USE_CUSTOM_SESSION_TIMEOUT` that is `false` by default. When set to `true` the the '/session-timeout' page can run before the session expires without triggering a `404` middleware error.
 
    - 🎬 Action:
-      - For custom session timeout handling that is not linked to the redis session ttl, The following variables must be set: `CUSTOM_SESSION_EXPIRY` to the relevant expiry time e.g.600 and `CUSTOM_SESSION_TIMEOUT` to true.
+      - For custom session timeout handling that is not linked to the redis session ttl, The following variables must be set: `CUSTOM_SESSION_EXPIRY` to the relevant expiry time e.g.600 and `USE_CUSTOM_SESSION_TIMEOUT` to true.
       - If a behaviour is required on the '/session-timeout` step, the '/session-timeout' step must be set in the project's index.js, along with any relevant behaviours.
 
 

package/README.md

@@ -1329,8 +1329,8 @@ This feature allows you to customise the content related to the session timeout
 ### Usage
 
 By default, the session timeout is set to the redis session ttl. To bypass this and display the session timeout message before the redis session ttl the following evironment variables must be set:
-`CUSTOM_SESSION_EXPIRY` - e.g. `600`. Configured to expire before thte project's redis session ttl.
-`CUSTOM_SESSION_TIMEOUT` -  `False` by default. When set to `true` the the '/session-timeout' page can run before the session expires without triggering a `404` middleware error.
+`CUSTOM_SESSION_EXPIRY` - e.g. `600`. Configure to expire before thte project's redis session ttl.
+`USE_CUSTOM_SESSION_TIMEOUT` -  `false` by default. When set to `true` the the '/session-timeout' page can run before the session expires without triggering a `404` middleware error.
 
 To enable and customise the session timeout behaviour, you need to set the component and translations in your project's `hof.settings.json` file:
 ```json

package/config/hof-defaults.js

@@ -59,7 +59,7 @@ const defaults = {
     pdfConverter: process.env.PDF_CONVERTER_URL
   },
   serveStatic: process.env.SERVE_STATIC_FILES !== 'false',
-  customSessionTimeout: parseBoolean(process.env.CUSTOM_SESSION_TIMEOUT, false, 'CUSTOM_SESSION_TIMEOUT'),
+  useCustomSessionTimeout: parseBoolean(process.env.USE_CUSTOM_SESSION_TIMEOUT, false, 'USE_CUSTOM_SESSION_TIMEOUT'),
   sessionTimeOutWarning: process.env.SESSION_TIMEOUT_WARNING || 300,
   serviceUnavailable: parseBoolean(process.env.SERVICE_UNAVAILABLE, false, 'SERVICE_UNAVAILABLE')
 };

package/index.js

@@ -253,15 +253,15 @@ function bootstrap(options) {
   /**
    * Handles requests to the session timeout page.
    * For custom session timeout handling that is not linked to the redis session ttl,
-   * set `CUSTOM_SESSION_EXPIRY` variables to the relevant time and `CUSTOM_SESSION_TIMEOUT`variables to true.
-   * If `CUSTOM_SESSION_EXPIRY` and `CUSTOM_SESSION_TIMEOUT` envs are set,
+   * set `CUSTOM_SESSION_EXPIRY` variables to the relevant time and `USE_CUSTOM_SESSION_TIMEOUT`variables to true.
+   * If `CUSTOM_SESSION_EXPIRY` and `USE_CUSTOM_SESSION_TIMEOUT` envs are set,
    * include '/session-timeout' step in the project's index.js.
    * - If the user has a session cookie but their session is missing or inactive,
    *   this triggers a session timeout error handled by error middleware.
    * - Otherwise, responds with a 404 "Page Not Found" error.
    * This route ensures the timeout page only appears after an actual session expiry.
   */
-  if (!config.customSessionTimeout) {
+  if (!config.useCustomSessionTimeout) {
     app.get('/session-timeout', (req, res, next) => {
       if ((req.cookies['hof-wizard-sc']) && (!req.session || req.session.exists !== true)) {
         const err = new Error('Session expired');

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "hof",
   "description": "A bootstrap for HOF projects",
-  "version": "22.11.0-custom-session-timeout-beta.1",
+  "version": "22.11.0-custom-session-timeout-beta.2",
   "license": "MIT",
   "main": "index.js",
   "author": "HomeOffice",

package/sandbox/apps/sandbox/index.js

@@ -4,7 +4,6 @@
 const CountrySelect = require('./behaviours/country-select')
 const SummaryPageBehaviour = require('../../../').components.summary;
 const InternationalPhoneNumber = require('./behaviours/international-number');
-const TestConsoleLog = require('./behaviours/test-console-log');
 
 module.exports = {
   name: 'sandbox',
@@ -93,9 +92,6 @@ module.exports = {
       ],
       next: '/confirm'
     },
-    '/session-timeout': {
-      behaviours: TestConsoleLog
-    },
     '/exit': {},
     '/save-and-exit': {}
   }

package/sandbox/apps/sandbox/translations/en/default.json

@@ -2,10 +2,6 @@
   "errors": {
     "service-unavailable": {
       "contact": "You can email for more information"
-    },
-    "session": {
-      "title": "Custom title translation - Your session has timed out",
-      "message": "Custom message translation -  For your security, we have timed you out due to inactivity."
     }
   },
   "exit": {

package/sandbox/apps/sandbox/translations/src/en/errors.json

@@ -1,9 +1,5 @@
 {
   "service-unavailable": {
     "contact": "You can email for more information"
-  },
-  "session": {
-    "title": "Custom title translation - Your session has timed out",
-    "message": "Custom message translation -  For your security, we have timed you out due to inactivity."
   }
 }

package/sandbox/package.json

@@ -8,7 +8,7 @@
   },
   "scripts": {
     "start": "node server.js",
-    "start:dev": "HOF_SANDBOX=true ../bin/hof-build watch --env",
+    "start:dev": "HOF_SANDBOX=true ../bin/hof-build watch",
     "dev": "yarn && GA_TAG=test nodemon server",
     "build": "HOF_SANDBOX=true ../bin/hof-build",
     "postinstall": "yarn run build"

package/sandbox/server.js

@@ -8,7 +8,6 @@ bootstrap({
   routes: [
     require('./apps/sandbox')
   ],
-  views: './apps/sandbox/views',
   behaviours: [
     require('../').components.sessionTimeoutWarning
   ],

package/sandbox/apps/sandbox/behaviours/test-console-log.js

@@ -1,9 +0,0 @@
-'use strict';
-
-module.exports = SuperClass => class extends SuperClass {
-  configure(req, res, next) {
-    // Simple behaviour to log to console when run
-    console.log('***************** console log behaviour executed************************');
-    return super.configure(req, res, next);
-  }
-};

package/sandbox/apps/sandbox/views/session-timeout.html

@@ -1,7 +0,0 @@
-{{<error}}
-  {{$content}}
-    <h1 class="govuk-heading-l">{{#t}}errors.session.title{{/t}}</h1>
-    <h2 class="govuk-heading-m">{{#t}}errors.session.message{{/t}}</h2>
-    <a href="/" class="govuk-button" role="button">{{#t}}buttons.start-again{{/t}}</a>
-  {{/content}}
-{{/error}}