🚨 Active Supply Chain Attack:node-ipc Package Compromised.Learn More
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@eggjs/session

Package Overview
Dependencies
Maintainers
13
Versions
34
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@eggjs/session

session plugin for egg

latest
Source
npmnpm
Version
4.0.1
Version published
Weekly downloads
698
34.23%
Maintainers
13
Weekly downloads
 
Created
Source

@eggjs/session

NPM version Node.js CI Test coverage Known Vulnerabilities npm download Node.js Version PRs Welcome CodeRabbit Pull Request Reviews

Session plugin for egg, based on koa-session.

Install

npm i @eggjs/session

Usage

egg-session is a built-in plugin in egg and enabled by default.

// {app_root}/config/plugin.js
exports.session = true; // enable by default

External Store

egg-session support external store, you can store your sessions in redis, memcached or other databases.

For example, if you want to store session in redis, you must:

  • Dependent @eggjs/redis
npm i --save @eggjs/redis
  • Import @eggjs/redis as a plugin and set the configuration
// config/plugin.js
exports.redis = {
  enable: true,
  package: '@eggjs/redis',
};

// config/config.default.js
exports.redis = {
  // your redis configurations
};
  • Implement a session store with redis
// app.js

module.exports = app => {
  // set redis session store
  // session store must have 3 methods
  // define sessionStore in `app.js` so you can access `app.redis`
  app.sessionStore = {
    async get(key) {
      const res = await app.redis.get(key);
      if (!res) return null;
      return JSON.parse(res);
    },

    async set(key, value, maxAge) {
      // maxAge not present means session cookies
      // we can't exactly know the maxAge and just set an appropriate value like one day
      if (!maxAge) maxAge = 24 * 60 * 60 * 1000;
      value = JSON.stringify(value);
      await app.redis.set(key, value, 'PX', maxAge);
    },

    async destroy(key) {
      await app.redis.del(key);
    },
  };

  // session store can be a session store class
  // app.sessionStore = class Store {
  //   constructor(app) {
  //     this.app = app;
  //   }
  //   async get() {}
  //   async set() {}
  //   async destroy() {}
  // };
};

Once you use external session store, session is strong dependent on your external store, you can't access session if your external store is down. Use external session stores only if necessary, avoid use session as a cache, keep session lean and stored by cookie!

Configuration

Support all configurations in koa-session.

  • logValue
Support not to print the session value when session event trigger log. Default to be true.

View the default configurations

Questions & Suggestions

Please open an issue here.

License

MIT

Contributors

Contributors

Made with contributors-img.

Keywords

egg
egg-plugin
eggPlugin
session
cookie

FAQs

Package last updated on 21 Jan 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Popular node-ipc npm Package Infected with Credential Stealer

Security News

/

Research

Popular node-ipc npm Package Infected with Credential Stealer

Socket detected malicious node-ipc versions with obfuscated stealer/backdoor behavior in a developing npm supply chain attack.

By Socket Research Team  -  May 14, 2026