When working without cookie, this class reads the session token from the "Authorization" header. e.g. Authorization : Bearer cn389ncoiwuencr...

Express Middleware Example

// express middleware
const session = require('@coolgk/session');
const app = require('express')();

app.use(
    session.express({
        redisClient: require('redis').createClient({
            host: process.env.REDIS_HOST,
            port: process.env.REDIS_PORT,
            password: process.env.REDIS_PASSWORD
        }),
        secret: '123' // secret is required for creating the session token / id
    })
);

app.use(async (request, response, next) => {
    // allow access if it's the login page or the request has a valid session
    if ('/login' === request.url || await request.session.verifyAndRenew()) { // if session is verified, renew session
        next();
    } else { // deny access
        response.send('Please Login');
        // output
        // 'Please Login'
    }
});

app.get('/login', async (request, response, next) => {
    // start a new session (create a new session id)
    const accessToken = await request.session.init();
    // set session variables
    await request.session.set('user', { id: 1, username: 'abc' });
    // send session token/id back
    response.json({ accessToken });
    // output
    // {"accessToken":"eyJleHAiOjAsIml..."}
});

app.get('/user', async (request, response, next) => {
    // get session variable
    response.json(await request.session.get('user'));
    // output
    // {"id":1,"username":"abc"}
});

app.get('/session', async (request, response, next) => {
    // get all session values
    response.json(await request.session.getAll());
    // output
    // {"user":{"id":1,"username":"abc"}}
});

app.get('/logout', async (request, response, next) => {
    // destroy current session
    await request.session.destroy();
    response.json(await request.session.getAll());
    // output
    // {}
});

app.listen(8888);

Native Node App Example

import { Session } from '@coolgk/session';
// OR
// const { Session } = require('@coolgk/session');

const http = require('http');
http.createServer(async (request, response) => {

    const session = new Session({
        redisClient: require('redis').createClient({
            host: process.env.REDIS_HOST,
            port: process.env.REDIS_PORT,
            password: process.env.REDIS_PASSWORD
        }),
        secret: '123',
        request,
        response
    });

    // ... some middelware
    // ... in some routes
    // set sesstion
    await session.start();
    await session.set('user', {id: 1, username: 'user@example.com'});

    // check session and renew if verified
    const verified = await session.verifyAndRenew();
    if (verified) {
        // session exists, logged in, do something
    } else {
        // deny access or show login screen
    }

    // show session data
    response.end(
        JSON.stringify(
            await session.getAll()
        )
    ); // {"user":{"id":1,"username":"user@example.com"}}

}).listen(8888);

Create a session without the "response" property and the sessoin object will read the session id from the "Authorization" header i.e. Authorization : Bearer cn389ncoiwuencr...

const session = new Session({
    redisClient: require('redis').createClient({
        host: process.env.REDIS_HOST,
        port: process.env.REDIS_PORT,
        password: process.env.REDIS_PASSWORD
    }),
    secret: '123',
    request
});

Session

This class extends @coolgk/token see set(), get(), delete(), getAll() in @coolgk/token

Kind: global class

Session
- .destroy() ⇒ promise
- .renew([expiry]) ⇒ promise

session.destroy() ⇒ `promise`

destory the current session

Kind: instance method of Session

session.renew([expiry]) ⇒ `promise`

renew session optionally with a different expiry time

Kind: instance method of Session
Returns: promise - - false if session has not been started or has a invalid token string

Param	Type	Description
[expiry]	`number`	in seconds

Keywords

session

session handler

session without cookie

restful session

express session

typescript

FAQs

What is @coolgk/session?

Is @coolgk/session well maintained?

Package last updated on 08 Aug 2019

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

@coolgk/session

@coolgk/session

Express Middleware Example

Native Node App Example

To use without cookie

Session

session.destroy() ⇒ promise

session.renew([expiry]) ⇒ promise

Keywords

Related posts

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Node.js Drops Bug Bounty Rewards After Funding Dries Up

session.destroy() ⇒ `promise`

session.renew([expiry]) ⇒ `promise`