Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

alt-session

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

alt-session

Alternative API for Express sessions (backed by Redis)

latest
Source
npmnpm
Version
0.0.1
Version published
Weekly downloads
2
100%
Maintainers
1
Weekly downloads
 
Created
Source

Redis-backed sessions for Express

This module provides your apps with asynchronous Session API with data stored in Redis.

The asynchronous approach allows you to access session data on-demand, instead of saving-restoring it on every request regardless of whether data is actually being used or not. It is also super-friendly to asynchronous control flow libraries (like async).

Usage

  • npm install alt-session

  • Add middleware after cookie parser:

    app.use(require('alt-session', {
  redis: {
    host: 'localhost',
    port: 6390,
    auth_pass: 'optional'
  },
  session: {
    dbIndex: 0,         // for selecting Redis database
    tti: 300,           // time to idle before session is removed from Redis, in seconds
    prefix: 'sess',     // custom key prefix for Redis storage
    secure: true,       // for setting cookie.secure option
    domain: 'optional'  // for custom cookie domain
  }
}));

  • Store session data:

    req.session.set('myKey', 'myValue', function(err) {
  if (err)
    return next(err);
  // Success
});

  • Retrieve single key:

    req.session.get('myKey', function(err, myValue) {
  if (err)
    return next(err);
  // Success
});

  • Retrieve multiple keys:

    req.session.mget(['myKey1', 'myKey2'], function(err, session) {
  if (err)
    return next(err);
  // Success
  // session.myKey1
  // session.myKey2
});

  • Remove single value:

    req.session.remove('myKey', function(err) {
  if (err)
    return next(err);
  // Success
});

  • Remove all values:

    req.session.remove(['myKey1', 'myKey2'], function(err) {
  if (err)
    return next(err);
  // Success
});

  • Invalidate (clear):

    req.session.invalidate(function(err) {
  if (err)
    return next(err);
  // Success
});

Compatibility with synchronous API

Asynchronous Session API is generally incompatible with synchronous version.

If your library depends on certain keys being available in req.session, you might want to add simple middleware like this:

// Retrieve stuff
app.use(function(req, res, next) {
  req.session.get('myKey', function(value) {
    req.session.myKey = value;
    next();
  });
});

// Include your other middleware and routes

// Persist stuff
app.use(function(req, res, next) {
  req.session.set('myKey', req.session.myKey, next);
});

Keywords

web
app
session
cookie
redis
stored

FAQs

Package last updated on 24 Jan 2015

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads

Research

/

Security News

9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads

Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.

By Kush Pandya  -  Nov 06, 2025