express-session

问题 I am newbie with the MEAN stack. I read the express-session github doc but there are some options which are unclear to me. Those options are saveUninitialized and resave . Can anyone please explain with examples what are the advatanges of using saveUninitialized and resave , and what will the effect be if we change the boolean values in those options. Syntax:- app.use(session({ resave: false, saveUninitialized: true, })) 回答1: Let's assume that sessions are enabled globally (for all requests).

问题 Every so often, my nodejs application — which uses the express v4.12.2 and express-session v1.13.0 modules — throws the following TypeError exception and crashes: /app/node_modules/express-session/node_modules/cookie/index.js:136 if (opt.expires) pairs.push('Expires=' + opt.expires.toUTCString()); ^ TypeError: opt.expires.toUTCString is not a function at Object.serialize (/app/node_modules/express-session/node_modules/cookie/index.js:136:56) at setcookie (/app/node_modules/express-session

问题 I'm trying to implement authentication and sessions with socket.io. After a lot of research 1 , I've set up the following which makes use of express and express-session. The issue is that, express and socket.io connections seems to be having different sessions since the id I'm getting is different. Also, no cookie is set in the browser from my application (which is possibly why both components are creating different sessions?) I'm using express 4.13.3 express-session 1.12.1 and socket.io 1.3

问题 I'm new to NodeJS. I am developing a REST API and using express-session to deal with sessions. So, to get the session ID I'm using var sessionID = req.sessionID This sessionID is generated from the server side. So, when I scale up to two or more servers, this is a problem. For example, if one server shuts down and the request is redirected to another server (Assuming I have a load balancer), a new session ID is generated. So, is there a way to retrieve the session ID from the client side? 回答1

问题 I have a Passport-using application with a GraphQL endpoint and a /logout endpoint. For some reason when I called request.isAuthenticated() from inside the GraphQL endpoint I got back true , but when I made the same exact call from inside the /logout endpoint I got back false . So, I did a bit of logging (of request.session.id ) and it turns out that I somehow wound up with two sessions. Stranger still, the session used by my GraphQL endpoint is persistent: if I restart the server it keeps

问题 I have a Passport-using application with a GraphQL endpoint and a /logout endpoint. For some reason when I called request.isAuthenticated() from inside the GraphQL endpoint I got back true , but when I made the same exact call from inside the /logout endpoint I got back false . So, I did a bit of logging (of request.session.id ) and it turns out that I somehow wound up with two sessions. Stranger still, the session used by my GraphQL endpoint is persistent: if I restart the server it keeps

问题 I am using the express-session module, it works perfectly on localhost but on my website (hosted on Heroku using Cloudflare), the express session is being blocked as being a third party cookie. Here is the configuration for my session: app.use(session({ resave: false, saveUninitialized: false, proxy : true, cookie: { maxAge: 3600000000000, httpOnly: false, secure: false, domain: '.mydomain.com', path: '/' }, store: sessionStore, secret: 'mysecret', unset: 'destroy' })); Is this an issue with

问题 The session middleware for Express provides several configurable options. resave : 'Forces the session to be saved back to the session store, even if the session was never modified during the request.' saveUninitialized : 'Forces a session that is "uninitialized" to be saved to the store. A session is uninitialized when it is new but not modified.' It appears that both options are for saving unmodified sessions. What's the difference? 回答1: I thought I would start off with a basic answer, my

问题 I'm using a passport local strategy that works well with express: passport.use(localStrategy); passport.serializeUser((user, done) => done(null, JSON.stringify(user))); passport.deserializeUser((obj, done) => done(null, JSON.parse(obj))); app.use(passport.initialize()); app.use(passport.session()); This localStrategy is doing a Mongoose call to get the user based on his pubKey and I guess that request.user is populated by this way. I setup my graphql endpoint like this: app.use('/graphql',

问题 I'm trying to implement the login functionality with passport.js and express-session, it works well, var passport = require('passport'), session = require('express-session'), MongoDBStore = require('connect-mongodb-session')(session); var sessionStore = new MongoDBStore({ uri: config.db, collection: 'sessions' }); var sessionOptions = { name: 'very-secure-cookie', secret: config.secret, resave: false, saveUninitialized: true, cookie: { secure: true, maxAge: null }, store: sessionStore }; app