@coolgk/session v2.0.1
@coolgk/session
a javascript / typescript module
npm install @coolgk/session
An session handler that works without cookie (and with cookie too).
Report bugs here: https://github.com/coolgk/node-utils/issues
When working without cookie, this class reads the session token from the "Authorization" header. e.g. Authorization : Bearer cn389ncoiwuencr...
Express Middleware Example
// express middleware
const session = require('@coolgk/session');
const app = require('express')();
app.use(
session.express({
redisClient: require('redis').createClient({
host: process.env.REDIS_HOST,
port: process.env.REDIS_PORT,
password: process.env.REDIS_PASSWORD
}),
secret: '123' // secret is required for creating the session token / id
})
);
app.use(async (request, response, next) => {
// allow access if it's the login page or the request has a valid session
if ('/login' === request.url || await request.session.verifyAndRenew()) { // if session is verified, renew session
next();
} else { // deny access
response.send('Please Login');
// output
// 'Please Login'
}
});
app.get('/login', async (request, response, next) => {
// start a new session (create a new session id)
const accessToken = await request.session.init();
// set session variables
await request.session.set('user', { id: 1, username: 'abc' });
// send session token/id back
response.json({ accessToken });
// output
// {"accessToken":"eyJleHAiOjAsIml..."}
});
app.get('/user', async (request, response, next) => {
// get session variable
response.json(await request.session.get('user'));
// output
// {"id":1,"username":"abc"}
});
app.get('/session', async (request, response, next) => {
// get all session values
response.json(await request.session.getAll());
// output
// {"user":{"id":1,"username":"abc"}}
});
app.get('/logout', async (request, response, next) => {
// destroy current session
await request.session.destroy();
response.json(await request.session.getAll());
// output
// {}
});
app.listen(8888);Native Node App Example
import { Session } from '@coolgk/session';
// OR
// const { Session } = require('@coolgk/session');
const http = require('http');
http.createServer(async (request, response) => {
const session = new Session({
redisClient: require('redis').createClient({
host: process.env.REDIS_HOST,
port: process.env.REDIS_PORT,
password: process.env.REDIS_PASSWORD
}),
secret: '123',
request,
response
});
// ... some middelware
// ... in some routes
// set sesstion
await session.start();
await session.set('user', {id: 1, username: 'user@example.com'});
// check session and renew if verified
const verified = await session.verifyAndRenew();
if (verified) {
// session exists, logged in, do something
} else {
// deny access or show login screen
}
// show session data
response.end(
JSON.stringify(
await session.getAll()
)
); // {"user":{"id":1,"username":"user@example.com"}}
}).listen(8888);To use without cookie
Create a session without the "response" property and the sessoin object will read the session id from the "Authorization" header i.e. Authorization : Bearer cn389ncoiwuencr...
const session = new Session({
redisClient: require('redis').createClient({
host: process.env.REDIS_HOST,
port: process.env.REDIS_PORT,
password: process.env.REDIS_PASSWORD
}),
secret: '123',
request
});Session
This class extends @coolgk/token see set(), get(), delete(), getAll() in @coolgk/token
Kind: global class
- Session
- .destroy() ⇒ promise
- .renew([expiry]) ⇒ promise
session.destroy() ⇒ promise
destory the current session
Kind: instance method of Session
session.renew(expiry) ⇒ promise
renew session optionally with a different expiry time
Kind: instance method of Session
Returns: promise - - false if session has not been started or has a invalid token string
| Param | Type | Description |
|---|---|---|
| expiry | number | in seconds |