From cd5038a2501cc1203c46ccaca366060de0c03370 Mon Sep 17 00:00:00 2001
From: raclim <raclim@nyu.edu>
Date: Mon, 17 Feb 2025 15:58:19 -0500
Subject: [PATCH 1/6] add lastLoginTimestamp property to user model

---
 server/models/user.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/models/user.js b/server/models/user.js
index d1c5e16bf2..666d198da1 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -82,7 +82,8 @@ const userSchema = new Schema(
       enum: ['none', 'essential', 'all'],
       default: 'none'
     },
-    banned: { type: Boolean, default: false }
+    banned: { type: Boolean, default: false },
+    lastLoginTimestamp: { type: Date } // or should it be last active?
   },
   { timestamps: true, usePushEach: true }
 );

From 2c7290bbd275baea2e46aad4b712d3cbd7dec7b7 Mon Sep 17 00:00:00 2001
From: raclim <raclim@nyu.edu>
Date: Mon, 17 Feb 2025 15:59:02 -0500
Subject: [PATCH 2/6] update lastLoginTimestamp with new date on login

---
 server/config/passport.js | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/server/config/passport.js b/server/config/passport.js
index 5a4547c0b4..3d925e57e0 100644
--- a/server/config/passport.js
+++ b/server/config/passport.js
@@ -54,6 +54,9 @@ passport.use(
         const isMatch = await user.comparePassword(password);
 
         if (isMatch) {
+          user.lastLoginTimestamp = Date.now();
+          await user.save();
+
           return done(null, user);
         } else { // eslint-disable-line
           return done(null, false, { msg: 'Invalid email or password' });
@@ -88,6 +91,8 @@ passport.use(
       }
 
       keyDocument.lastUsedAt = Date.now();
+      user.lastLoginTimestamp = Date.now();
+
       await user.save();
       return done(null, user);
     } catch (err) {
@@ -140,6 +145,9 @@ passport.use(
           } else if (existingUser.banned) {
             return done(null, false, { msg: accountSuspensionMessage });
           }
+          existingUser.lastLoginTimestamp = Date.now();
+          await existingUser.save();
+
           return done(null, existingUser);
         }
 
@@ -239,6 +247,9 @@ passport.use(
           } else if (existingUser.banned) {
             return done(null, false, { msg: accountSuspensionMessage });
           }
+          existingUser.lastLoginTimestamp = Date.now();
+          await existingUser.save();
+
           return done(null, existingUser);
         }
 

From 297e0c5cc90757f09e61681e9570a5f71a847f4d Mon Sep 17 00:00:00 2001
From: raclim <raclim@nyu.edu>
Date: Mon, 17 Feb 2025 15:59:58 -0500
Subject: [PATCH 3/6] other suggestion to add lastActive middleware vs login

---
 server/server.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/server/server.js b/server/server.js
index 8b4d196451..9324f0f435 100644
--- a/server/server.js
+++ b/server/server.js
@@ -167,6 +167,8 @@ app.get('/', (req, res) => {
   res.sendFile(renderIndex());
 });
 
+// if we want to see when a user was last active, should we put in some middleware here?
+
 // Handle API errors
 app.use('/api', (error, req, res, next) => {
   if (error && error.code && !res.headersSent) {

From 69d44f30dc799af454de5b8660ca7c32b02f4821 Mon Sep 17 00:00:00 2001
From: raclim <43053081+raclim@users.noreply.github.com>
Date: Sat, 26 Apr 2025 17:19:50 -0400
Subject: [PATCH 4/6] remove comments

---
 server/models/user.js | 2 +-
 server/server.js      | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/server/models/user.js b/server/models/user.js
index ae125a38d9..b825971747 100644
--- a/server/models/user.js
+++ b/server/models/user.js
@@ -83,7 +83,7 @@ const userSchema = new Schema(
       default: 'none'
     },
     banned: { type: Boolean, default: false },
-    lastLoginTimestamp: { type: Date } // or should it be last active?
+    lastLoginTimestamp: { type: Date }
   },
   { timestamps: true, usePushEach: true }
 );
diff --git a/server/server.js b/server/server.js
index 9324f0f435..8b4d196451 100644
--- a/server/server.js
+++ b/server/server.js
@@ -167,8 +167,6 @@ app.get('/', (req, res) => {
   res.sendFile(renderIndex());
 });
 
-// if we want to see when a user was last active, should we put in some middleware here?
-
 // Handle API errors
 app.use('/api', (error, req, res, next) => {
   if (error && error.code && !res.headersSent) {

From e0587bcbadc1bf518b9a892c7953a51a5e988a60 Mon Sep 17 00:00:00 2001
From: raclim <43053081+raclim@users.noreply.github.com>
Date: Mon, 28 Apr 2025 12:19:48 -0400
Subject: [PATCH 5/6] set maxAge for session to be 4 weeks

---
 server/server.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/server.js b/server/server.js
index 8b4d196451..ade1c08487 100644
--- a/server/server.js
+++ b/server/server.js
@@ -94,7 +94,8 @@ app.use(
     name: 'sessionId',
     cookie: {
       httpOnly: true,
-      secure: false
+      secure: false,
+      maxAge: 1000 * 60 * 60 * 24 * 28 // 4 weeks
     },
     store: new MongoStore({
       clientPromise,

From 4fe29fdc4455c2439ac8388630dc7df2bb4aa080 Mon Sep 17 00:00:00 2001
From: raclim <43053081+raclim@users.noreply.github.com>
Date: Tue, 29 Apr 2025 10:59:55 -0400
Subject: [PATCH 6/6] update comment to clarify milliseconds

---
 server/server.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/server.js b/server/server.js
index ade1c08487..1e9aa6ed6a 100644
--- a/server/server.js
+++ b/server/server.js
@@ -95,7 +95,7 @@ app.use(
     cookie: {
       httpOnly: true,
       secure: false,
-      maxAge: 1000 * 60 * 60 * 24 * 28 // 4 weeks
+      maxAge: 1000 * 60 * 60 * 24 * 28 // 4 weeks in milliseconds
     },
     store: new MongoStore({
       clientPromise,