1.1.3 • Published 3 months ago
express-session-hijack v1.1.3
express-session-hijack
this package helps developers to protect session and keep it safe by re generate session with same payload (data)
Features
- use it as middleware to regenerate session token every request
- use it as route middleware to regenerarte session token every request in this route
- use it as function to regeenerate session token every success logic
Installation
npm install --save express-session-hijackUsage
after install package on your express project, you can use it as middleware or function. this examples will show how can you use express-session-hijack in your project
// regenerate session token every reqeust
application.use(hijack());
application.get("/", function (request, response) {
response.status(200).send("Hello!");
});// regenerate session token every request this endpoint
application.get("/auth/login", hijack(), function (request, response) {
response.status(200).send("authentication successfully");
});application.get("/auth/login", async function (request, response, next) {
await hijack(async function (request, response) {
response.status(200).send("authentication successfully, " + username);
})(request, response, next);
});application.get("/auth/login", async function (request, response, next) {
await hijack()(request, response, next);
response.status(200).send("authentication successfully, " + username);
});Error Handling
application.use(function (error, request, response, next) {
if (error.name === "SessionRegenerateError") {
response.status(403).send("failed to reload session");
} else return next(error);
});Contributing
Contributions are welcome! If you would like to contribute to this project, please fork the repository and submit a pull request.
Issues
If you encounter any issues with this application, please submit a bug report on the GitHub Issues page.
License
This application is licensed under the MIT License. See the LICENSE file for more information.