regenerate session after login/logout

.gitignore

@@ -3,8 +3,7 @@ node_modules/
 dist/
 npm-debug.log
 yarn-error.log
-app.pyc
-demo.ncdb
+*.db
 config.ini
 cert.key
 cert.crt

routes/login.js

@@ -16,9 +16,10 @@ router.post('', async (req, res, next) => {
     if (req.body.username === userName && await verifyPassword(guessedPassword)) {
         const rememberMe = req.body.rememberme;
 
-        req.session.loggedIn = true;
-
-        return res.redirect('/');
+        req.session.regenerate(() => {
+            req.session.loggedIn = true;
+            res.redirect('/');
+        });
     }
     else {
         res.render('login', {'failedAuth': true});

routes/logout.js

@@ -2,9 +2,12 @@ const express = require('express');
 const router = express.Router();
 
 router.post('', async (req, res, next) => {
-    req.session.loggedIn = false;
+    req.session.regenerate(() => {
+        req.session.loggedIn = false;
+
+        res.redirect('/');
+    });
 
-    res.redirect('login');
 });
 
 module.exports = router;