How to end a session in ExpressJS

Question

I feel like this has to be buried somewhere in the documentation, but I can\'t find it.

How do you close or end or kill (whatever) a session in ExpressJS?

Answer 1

use,

delete req.session.yoursessionname;

Answer 2

Session.destroy(callback)

Destroys the session and will unset the req.session property. Once complete, the callback will be invoked.

↓ Secure way ↓ ✅

req.session.destroy((err) => {
  res.redirect('/') // will always fire after session is destroyed
})

---

↓ Unsecure way ↓ ❌

req.logout();
res.redirect('/') // can be called before logout is done

Answer 3

Express 4.x Updated Answer

Session handling is no longer built into Express. This answer refers to the standard session module: https://github.com/expressjs/session

To clear the session data, simply use:

req.session.destroy();

The documentation is a bit useless on this. It says:

Destroys the session, removing req.session, will be re-generated next request. req.session.destroy(function(err) { // cannot access session here })

This does not mean that the current session will be re-loaded on the next request. It means that a clean empty session will be created in your session store on next request. (Presumably the session ID isn't changing, but I have not tested that.)

Answer 4

req.session.destroy(); 

The above did not work for me so I did this.

req.session.cookie.expires = new Date().getTime();

By setting the expiration of the cookie to the current time, the session expired on its own.

Answer 5

The question didn't clarify what type of session store was being used. Both answers seem to be correct.

For cookie based sessions:

From http://expressjs.com/api.html#cookieSession

req.session = null // Deletes the cookie.

For Redis, etc based sessions:

req.session.destroy // Deletes the session in the database.

Answer 6

Never mind, it's req.session.destroy();