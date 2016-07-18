NodeSession

Since HTTP driven applications are stateless, sessions provide a way to store information about the user across requests. NodeSession ships with a variety of session back-ends available for use through a clean, unified API. Support for back-ends such as File and databases is included out of the box.

Installation

The source is available for download from GitHub. Alternatively, you can install using Node Package Manager (npm):

npm install node-session

Session Usage

Initialization

var NodeSession = require ( 'node-session' ); session = new NodeSession({ secret : 'Q3UBzdH9GEfiRCTKbi5MTPyChpzXLsTD' }); session.startSession(req, res, callback)

Accessing sessions

The session can be accessed via the HTTP request's session property.

Storing An Item In The Session

req.session.put( 'key' , 'value' );

Push A Value Onto An Array Session Value

req.session.push( 'user.teams' , 'developers' );

Retrieving An Item From The Session

var value = req.session.get( 'key' );

Retrieving An Item Or Returning A Default Value

var value = req.session.get( 'key' , 'default' );

Retrieving An Item And Forgetting It

var value = req.session.pull( 'key' , 'default' );

Retrieving All Data From The Session

var data = req.session.all();

Determining If An Item Exists In The Session

if (req.session.has( 'users' )) { }

Removing An Item From The Session

req.session.forget( 'key' );

Removing All Items From The Session

req.session.flush();

Regenerating The Session ID

req.session.regenerate();

Flash Data

Sometimes you may wish to store items in the session only for the next request. You may do so using the req.session.flash method:

req.session.flash( 'key' , 'value' );

Reflashing The Current Flash Data For Another Request

req.session.reflash();

Reflashing Only A Subset Of Flash Data

req.session.keep( 'username' , 'email' );

CSRF Token

By default NodeSession generates and keeps CSRF token for your application in session.

Access CSRF token

req.session.getToken()

Regenerate CSRF token

req.session.regenerateToken()

configuration

Configuration options are passed during initialization of NodeSession module as an object. NodeSession supports following configuration options.

{ 'secret' : 'Q3UBzdH9GEfiRCTKbi5MTPyChpzXLsTD' 'driver' : 'file' , 'lifetime' : 300000 , 'expireOnClose' : false , 'files' : process.cwd() + '/sessions' , 'connection' : { 'adapter' : 'sails-mongo' , 'host' : 'localhost' , 'port' : 27017 , 'user' : 'tron' , 'password' : '' , 'database' : 'tron' }, 'table' : 'sessions' , 'lottery' : [ 2 , 100 ], 'cookie' : 'node_session' , 'path' : '/' , 'domain' : null , 'secure' : false 'encrypt' : false }

The NodeSession uses the flash session key internally, so you should not add an item to the session by that name.

Database Sessions

When using the database session driver, you may need to setup a table to contain the session items based on database. Below is a required schema for the table:

filed type index id string unique payload string lastActivity integer

Session Drivers

The session "driver" defines where session data will be stored for each request. NodeSession ships with several great drivers out of the box:

memory - sessions will be stored in memory. Memory session driver is purposely not designed for a production environment. It will leak memory under most conditions, does not scale past a single process, and is meant for debugging and developing.

file - sessions will be stored in files in a specified location.

database - sessions will be stored in a database.

To do

Add redis session driver

License

The NodeSession is open-sourced software licensed under the MIT license.