als-session v4.5.0

Als-session

Session based file storage as middleware.

Change log for v4.5

• Dependencies changed
• Added session in memory option

Middleware initiation

Quick init

Usage with express as middleware.

const sessionMw = require("als-session");
app.use(sessionMw({}));

The example above demonstrates adding session middleware to an express application with default settings.

Basic init

Syntax:

const sessionMw = require('als-session');
const options = {}
let session = sessionMw(options);

app.use(session);

The sessionMw function configures middleware for session management. Below are the available configuration parameters:

• prefix: String (1 to 3 characters)

  • Prefix for the session name.
  • Default: 'sid'.

• path: String

  • URL path for the session.
  • Minimum length: 1 character.
  • Default: '/'.

• httpOnly: Boolean

  • If true, the cookie is not accessible through document.cookie.
  • Default: true.

• secure: Boolean

  • If true, the cookie is not sent in the response.
  • Default: true.

• maxAge: Number

  • The lifespan of the session in milliseconds.
  • Range: from 1000 to infinity.
  • Default: 7 days (604800000 ms).

• secret: String

  • Secret for signing the cookie.
  • Minimum length: 10 characters.
  • Default: Automatically generated.
    • available as secret text file inside als-session

• log: Function

  • Logging function for errors.
  • Example: (e) => {throw e}.
  • Default: console.error.

• dirPath: String

  • Path for saving sessions.
  • Using path if path is valid
  • Using join(__dirname, '..', 'session') if path not string
  • Using memory store if path is 'memory'

Example for initiation

const sessionMw = require('als-session');

let session = sessionMw({
    prefix: 'aaa',
    path: '/dashboard',
    httpOnly: false,
    secure: false,
    maxAge: 1000 * 60 * 60,
    secret: 'some1234567',
    log: (e) => { throw e },
    dirPath: join(__dirname, 'sessions')
});

Session usage

Usage is straightforward. Typically, all you need is req.session.

Syntax:

function(req, res) {
  req.sessionStore: object // instance of File
  req.sessionId: string // session ID (file name or key in memory storage)
  req.session: object // Session object for storing user data
  req.destroySession: function // function for destroying the session and creating a new one
}

sessionId - is a name of file in sessions folder

Modifying session

req.session is an object which saved after response sent.

req.session.key = "value"; // add a new value to session
let value = req.session.key; // get a value by key
delete req.session.key; // delete a value by key

Destroying session

Syntax:

await req.destroySession();