Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@prsm/express-session-auth
Advanced tools
express-session-auth
Requirements
express-session: https://github.com/expressjs/sessioncookie-parser: https://github.com/expressjs/cookie-parser- TypeORM
express-session-authexports entities (User,UserReset,UserRemember,UserConfirmation) that you need to include in your datasource for migration/sync purposes.
Quickstart
Wherever you create your express application, include the auth middleware and pass in your TypeORM datasource.
import express from "express";
import { createServer } from "node:http";
import auth from "@prsm/express-session-auth";
import datasource from "./my-datasource";
const app = express();
const server = createServer(app);
// the auth middleware needs your datasource instance
app.use(auth({ datasource }));
Here's an example TypeORM datasource:
// my-datasource.ts
import {
User,
UserConfirmation,
UserRemember,
UserReset,
} from "@prsm/express-session-auth";
import { DataSource } from "typeorm";
const datasource = new DataSource({
type: "mysql", // express-session-auth supports mysql, postgres and sqlite (others not tested)
host: process.env.DB_HOST,
port: process.env.DB_PORT ? +process.env.DB_PORT : 3306,
username: process.env.DB_USER,
password: process.env.DB_PASSWORD,
database: process.env.DB_NAME,
entities: [
User,
UserConfirmation,
UserRemember,
UserReset,
/* the reset of your entities here */
],
});
export default datasource;
Environment variables and their defaults:
HTTP_PORT=3002
AUTH_SESSION_REMEMBER_DURATION=30d
AUTH_SESSION_REMEMBER_COOKIE_NAME=prsm.auth.remember
AUTH_SESSION_RESYNC_INTERVAL=30m
AUTH_MINIMUM_PASSWORD_LENGTH=8
AUTH_MAXIMUM_PASSWORD_LENGTH=64
DB_HOST=localhost
DB_PORT=3306
DB_USERNAME=root
DB_PASSWORD=toor
DB_NAME=prsm
Because this middleware augments the Request object by adding an auth property, you will want to add the following to your tsconfig.json so that your language server doesn't flag references to req.auth as an error:
{
"include": [
"src",
"node_modules/@prsm/express-session-auth/express-session-auth.d.ts"
]
}
FAQs
## Requirements
The npm package @prsm/express-session-auth receives a total of 16 weekly downloads. As such, @prsm/express-session-auth popularity was classified as not popular.
We found that @prsm/express-session-auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 11 Sep 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025