Security News
The Changelog Podcast: Practical Steps to Stay Safe on npm
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
By Sarah Gooding -  Oct 31, 2025
🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
@omegion1npm/recusandae-fuga-aliquid
Advanced tools
@omegion1npm/recusandae-fuga-aliquid
[MongoDB](http://mongodb.com)-backed session storage for [connect](https://www.npmjs.org/package/connect) and [Express](http://www.expressjs.com). Meant to be a well-maintained and fully-featured replacement for modules like [connect-mongo](https://www.np
connect-mongodb-session
MongoDB-backed session storage for connect and Express. Meant to be a well-maintained and fully-featured replacement for modules like connect-mongo
MongoDBStore
This module exports a single function which takes an instance of connect
(or Express) and returns a MongoDBStore class that can be used to
store sessions in MongoDB.
It can store sessions for Express 4
If you pass in an instance of the
express-session module
the MongoDBStore class will enable you to store your Express sessions
in MongoDB.
The MongoDBStore class has 3 required options:
uri: a MongoDB connection stringdatabaseName: the MongoDB database to store sessions incollection: the MongoDB collection to store sessions in
Note: You can pass a callback to the MongoDBStore constructor,
but this is entirely optional. The Express 3.x example demonstrates
that you can use the MongoDBStore class in a synchronous-like style: the
module will manage the internal connection state for you.
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var app = express();
var store = new MongoDBStore({
uri: 'mongodb://127.0.0.1:27017/connect_mongodb_session_test',
collection: 'mySessions'
});
// Catch errors
store.on('error', function(error) {
console.log(error);
});
app.use(require('express-session')({
secret: 'This is a secret',
cookie: {
maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
},
store: store,
// Boilerplate options, see:
// * https://www.npmjs.com/package/express-session#resave
// * https://www.npmjs.com/package/express-session#saveuninitialized
resave: true,
saveUninitialized: true
}));
app.get('/', function(req, res) {
res.send('Hello ' + JSON.stringify(req.session));
});
server = app.listen(3000);
It throws an error when it can't connect to MongoDB
You should pass a callback to the MongoDBStore constructor to catch
errors. If you don't pass a callback to the MongoDBStore constructor,
MongoDBStore will throw if it can't connect.
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var app = express();
var store = new MongoDBStore(
{
uri: 'mongodb://bad.host:27000/connect_mongodb_session_test?connectTimeoutMS=10',
databaseName: 'connect_mongodb_session_test',
collection: 'mySessions'
},
function(error) {
// Should have gotten an error
});
store.on('error', function(error) {
// Also get an error here
});
app.use(session({
secret: 'This is a secret',
cookie: {
maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
},
store: store,
// Boilerplate options, see:
// * https://www.npmjs.com/package/express-session#resave
// * https://www.npmjs.com/package/express-session#saveuninitialized
resave: true,
saveUninitialized: true
}));
app.get('/', function(req, res) {
res.send('Hello ' + JSON.stringify(req.session));
});
server = app.listen(3000);
It supports several other options
There are several other options you can pass to new MongoDBStore():
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var store = new MongoDBStore({
uri: 'mongodb://127.0.0.1:27017/connect_mongodb_session_test',
collection: 'mySessions',
// By default, sessions expire after 2 weeks. The `expires` option lets
// you overwrite that by setting the expiration in milliseconds
expires: 1000 * 60 * 60 * 24 * 30, // 30 days in milliseconds
// Lets you set options passed to `MongoClient.connect()`. Useful for
// configuring connectivity or working around deprecation warnings.
connectionOptions: {
serverSelectionTimeoutMS: 10000
}
});
Azure Cosmos MongoDB support
It can support MongoDB instances inside Azure Cosmos. As Cosmos can only support
time-based index on fields called _ts, you will need to update your configuration.
Unlike in MongoDB, Cosmos starts the timer at the point of document creation so the
expiresAfterSeconds should have the same value as expires - as expires is in
milliseconds, the expiresAfterSeconds must equal expires / 1000.
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var store = new MongoDBStore({
uri: 'mongodb://username:password@cosmosdb-name.mongo.cosmos.azure.com:10255/?ssl=true&replicaSet=globaldb&retrywrites=false&maxIdleTimeMS=120000&appName=@cosmosdb-name@',
databaseName: 'myDb',
collection: 'mySessions',
// Change the expires key name
expiresKey: `_ts`,
// This controls the life of the document - set to same value as expires / 1000
expiresAfterSeconds: 60 * 60 * 24 * 14
});
FAQs
[MongoDB](http://mongodb.com)-backed session storage for [connect](https://www.npmjs.org/package/connect) and [Express](http://www.expressjs.com). Meant to be a well-maintained and fully-featured replacement for modules like [connect-mongo](https://www.np
We found that @omegion1npm/recusandae-fuga-aliquid demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 30 Apr 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
By Sarah Gooding -  Oct 30, 2025
Security News
Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers Offer to Transfer All Rights to Matz
Ruby's creator Matz assumes control of RubyGems and Bundler repositories while former maintainers agree to step back and transfer all rights to end the dispute.
By Sarah Gooding -  Oct 29, 2025