1.0.1 ā€¢ Published 3 years ago

@thermopylae/core.cookie-session v1.0.1

Weekly downloads
-
License
MIT
Repository
github
Last release
3 years ago

Cookie user session for HTTP interface.

Install

npm install @thermopylae/core.cookie-session

Description

This package contains Http Middleware for cookie user session management. It uses @thermopylae/lib.user-session for session management and contains implementation for repositories required by the library.

Usage

import { LoggerManagerInstance, OutputFormat } from '@thermopylae/core.logger';
import { ConnectionType, initLogger as initRedisClientLogger, RedisClientInstance, RedisConnectionOptions } from '@thermopylae/core.redis';
import { initLogger as initUserSessionCommonsLogger } from '@thermopylae/core.user-session.commons';
import { GeoIpLiteRepository, GeoIpLocator } from '@thermopylae/lib.geoip';
import { UserSessionManager } from '@thermopylae/lib.user-session';
import { AVRO_SERIALIZER } from '@thermopylae/core.user-session.commons/dist/storage/serializers/cookie/avro';
import { ExpressRequestAdapter, ExpressResponseAdapter, AdaptedExpressRequest, LOCATION_SYM } from '@thermopylae/core.adapter.express';
import { HttpStatusCode } from '@thermopylae/core.declarations';
import { CookieUserSessionMiddleware, initLogger as initCoreCookieSessionLogger, UserSessionRedisStorage } from '@thermopylae/core.cookie-session';
import { Response } from 'express';

(async function main() {
	/* Configure Logging */
	LoggerManagerInstance.formatting.setDefaultFormattingOrder(OutputFormat.PRINTF);
	LoggerManagerInstance.console.createTransport({ level: 'info' });

	/* Init Loggers */
	initRedisClientLogger();
	initCoreCookieSessionLogger();
	initUserSessionCommonsLogger();

	/* Connect to Redis Server */
	const redisClientOptions: RedisConnectionOptions = {
		host: '127.0.0.1',
		port: 6379,
		password: '09}KNng90/mng89;',
		connect_timeout: 10_000,
		max_attempts: 10,
		retry_max_delay: 5_000,
		attachDebugListeners: new Set(['end', 'reconnecting'])
	};

	await RedisClientInstance.connect({
		[ConnectionType.REGULAR]: {
			...redisClientOptions,
			detect_buffers: true // very important, REQUIRED
		},
		[ConnectionType.SUBSCRIBER]: redisClientOptions
	});

	/* Enable Key Space Notification Events (REQUIRED) */
	await RedisClientInstance.client.config('SET', 'notify-keyspace-events', 'Kgxe');

	/* Configure Geoip (OPTIONAL) */
	const geoip = new GeoIpLocator([new GeoIpLiteRepository(1)]);

	/* Configure Middleware */
	const middleware = new CookieUserSessionMiddleware({
		sessionManager: {
			idLength: 24,
			sessionTtl: 86_400, // 24h
			timeouts: {
				idle: 3_600, // 1h
				renewal: 43_200, // 12h
				oldSessionAvailabilityAfterRenewal: 5
			},
			renewSessionHooks: {
				onRenewMadeAlreadyFromCurrentProcess(sessionId: string) {
					console.warn(
						`Can't renew session '${UserSessionManager.hash(
							sessionId
						)}', because it was renewed already. Renew has been made from this NodeJS process.`
					);
				},
				onRenewMadeAlreadyFromAnotherProcess(sessionId: string) {
					console.warn(
						`Can't renew session '${UserSessionManager.hash(
							sessionId
						)}', because it was renewed already. Renew has been made from another NodeJS process.`
					);
				},
				onOldSessionDeleteFailure(sessionId: string, e: Error) {
					console.error(`Failed to delete renewed session '${UserSessionManager.hash(sessionId)}'.`, e);
				}
			},
			storage: new UserSessionRedisStorage({
				keyPrefix: {
					sessions: 'sids',
					sessionId: 'sid'
				},
				concurrentSessions: 2,
				serializer: AVRO_SERIALIZER
			})
		},
		session: {
			cookie: {
				name: 'sid',
				path: '/api',
				sameSite: 'strict',
				persistent: true
			},
			header: 'x-session-id',
			csrf: {
				name: 'x-requested-with',
				value: 'XmlHttpRequest'
			},
			'cache-control': true
		}
	});

	/* Define Route Handler */
	async function createSession(req: AdaptedExpressRequest, res: Response): Promise<void> {
		const request = new ExpressRequestAdapter(req);
		const response = new ExpressResponseAdapter(res);

		req[LOCATION_SYM] = await geoip.locate(request.ip);

		try {
			await middleware.create(request, response, 'uid1');
			response.status(HttpStatusCode.Created).send();
		} catch (e) {
			response.status(HttpStatusCode.BadRequest).send({ message: e.message });
		}
	}
})();

API Reference

API documentation is available here.

It can also be generated by issuing the following commands:

git clone git@github.com:marinrusu1997/thermopylae.git
cd thermopylae
yarn install
yarn workspace @thermopylae/core.cookie-session run doc

Author

šŸ‘¤ Rusu Marin

šŸ“ License

Copyright Ā© 2021 Rusu Marin. This project is MIT licensed.

thermopylaecoresessionuser-sessioncookie-session
@thermopylae/core.declarations@thermopylae/core.logger@thermopylae/core.redis@thermopylae/core.user-session.commons@thermopylae/lib.exception@thermopylae/lib.user-sessioncookie
@everything-registry/sub-chunk-913@zalastax/nolb-_ther
1.0.1

3 years ago

1.0.0

3 years ago

0.0.1

4 years ago