Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

connect-mongodb-session

Package Overview
Dependencies
Maintainers
1
Versions
41
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

connect-mongodb-session

MongoDB session store for connect/express built by MongoDB

  • 5.0.0
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
14K
increased by4.85%
Maintainers
1
Weekly downloads
 
Created
Source

connect-mongodb-session

MongoDB-backed session storage for connect and Express. Meant to be a well-maintained and fully-featured replacement for modules like connect-mongo

Build Status Coverage Status

MongoDBStore

This module exports a single function which takes an instance of connect (or Express) and returns a MongoDBStore class that can be used to store sessions in MongoDB.

It can store sessions for Express 4

If you pass in an instance of the express-session module the MongoDBStore class will enable you to store your Express sessions in MongoDB.

The MongoDBStore class has 3 required options:

  1. uri: a MongoDB connection string
  2. databaseName: the MongoDB database to store sessions in
  3. collection: the MongoDB collection to store sessions in

Note: You can pass a callback to the MongoDBStore constructor, but this is entirely optional. The Express 3.x example demonstrates that you can use the MongoDBStore class in a synchronous-like style: the module will manage the internal connection state for you.

var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var app = express();
var store = new MongoDBStore({
  uri: 'mongodb://127.0.0.1:27017/connect_mongodb_session_test',
  collection: 'mySessions'
});

// Catch errors
store.on('error', function(error) {
  console.log(error);
});

app.use(require('express-session')({
  secret: 'This is a secret',
  cookie: {
    maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
  },
  store: store,
  // Boilerplate options, see:
  // * https://www.npmjs.com/package/express-session#resave
  // * https://www.npmjs.com/package/express-session#saveuninitialized
  resave: true,
  saveUninitialized: true
}));

app.get('/', function(req, res) {
  res.send('Hello ' + JSON.stringify(req.session));
});

server = app.listen(3000);

It throws an error when it can't connect to MongoDB

You should pass a callback to the MongoDBStore constructor to catch errors. If you don't pass a callback to the MongoDBStore constructor, MongoDBStore will throw if it can't connect.

var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var app = express();
var store = new MongoDBStore(
  {
    uri: 'mongodb://bad.host:27000/connect_mongodb_session_test?connectTimeoutMS=10',
    databaseName: 'connect_mongodb_session_test',
    collection: 'mySessions'
  },
  function(error) {
    // Should have gotten an error
  });

store.on('error', function(error) {
  // Also get an error here
});

app.use(session({
  secret: 'This is a secret',
  cookie: {
    maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
  },
  store: store,
  // Boilerplate options, see:
  // * https://www.npmjs.com/package/express-session#resave
  // * https://www.npmjs.com/package/express-session#saveuninitialized
  resave: true,
  saveUninitialized: true
}));

app.get('/', function(req, res) {
  res.send('Hello ' + JSON.stringify(req.session));
});

server = app.listen(3000);

It supports several other options

There are several other options you can pass to new MongoDBStore():

var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var store = new MongoDBStore({
  uri: 'mongodb://127.0.0.1:27017/connect_mongodb_session_test',
  collection: 'mySessions',

  // By default, sessions expire after 2 weeks. The `expires` option lets
  // you overwrite that by setting the expiration in milliseconds
  expires: 1000 * 60 * 60 * 24 * 30, // 30 days in milliseconds

  // Lets you set options passed to `MongoClient.connect()`. Useful for
  // configuring connectivity or working around deprecation warnings.
  connectionOptions: {
    serverSelectionTimeoutMS: 10000
  }
});

Azure Cosmos MongoDB support

It can support MongoDB instances inside Azure Cosmos. As Cosmos can only support time-based index on fields called _ts, you will need to update your configuration. Unlike in MongoDB, Cosmos starts the timer at the point of document creation so the expiresAfterSeconds should have the same value as expires - as expires is in milliseconds, the expiresAfterSeconds must equal expires / 1000.


var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var store = new MongoDBStore({
  uri: 'mongodb://username:password@cosmosdb-name.mongo.cosmos.azure.com:10255/?ssl=true&replicaSet=globaldb&retrywrites=false&maxIdleTimeMS=120000&appName=@cosmosdb-name@', 
  databaseName: 'myDb',
  collection: 'mySessions',

  // Change the expires key name
  expiresKey: `_ts`,
  // This controls the life of the document - set to same value as expires / 1000
  expiresAfterSeconds: 60 * 60 * 24 * 14 
});

Keywords

FAQs

Package last updated on 25 Jan 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc