connect-mongodb-session
Advanced tools
MongoDB session store for connect/express built by MongoDB
MongoDB-backed session storage for connect and Express. Meant to be a well-maintained and fully-featured replacement for modules like connect-mongo
This module exports a single function which takes an instance of connect
(or Express) and returns a MongoDBStore class that can be used to
store sessions in MongoDB.
If you pass in an instance of the
express-session module
the MongoDBStore class will enable you to store your Express sessions
in MongoDB.
The MongoDBStore class has 3 required options:
uri: a MongoDB connection stringdatabaseName: the MongoDB database to store sessions incollection: the MongoDB collection to store sessions inNote: You can pass a callback to the MongoDBStore constructor,
but this is entirely optional. The Express 3.x example demonstrates
that you can use the MongoDBStore class in a synchronous-like style: the
module will manage the internal connection state for you.
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var app = express();
var store = new MongoDBStore({
uri: 'mongodb://127.0.0.1:27017/connect_mongodb_session_test',
collection: 'mySessions'
});
// Catch errors
store.on('error', function(error) {
console.log(error);
});
app.use(require('express-session')({
secret: 'This is a secret',
cookie: {
maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
},
store: store,
// Boilerplate options, see:
// * https://www.npmjs.com/package/express-session#resave
// * https://www.npmjs.com/package/express-session#saveuninitialized
resave: true,
saveUninitialized: true
}));
app.get('/', function(req, res) {
res.send('Hello ' + JSON.stringify(req.session));
});
server = app.listen(3000);
You should pass a callback to the MongoDBStore constructor to catch
errors. If you don't pass a callback to the MongoDBStore constructor,
MongoDBStore will throw if it can't connect.
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var app = express();
var store = new MongoDBStore(
{
uri: 'mongodb://bad.host:27000/connect_mongodb_session_test?connectTimeoutMS=10',
databaseName: 'connect_mongodb_session_test',
collection: 'mySessions'
},
function(error) {
// Should have gotten an error
});
store.on('error', function(error) {
// Also get an error here
});
app.use(session({
secret: 'This is a secret',
cookie: {
maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
},
store: store,
// Boilerplate options, see:
// * https://www.npmjs.com/package/express-session#resave
// * https://www.npmjs.com/package/express-session#saveuninitialized
resave: true,
saveUninitialized: true
}));
app.get('/', function(req, res) {
res.send('Hello ' + JSON.stringify(req.session));
});
server = app.listen(3000);
There are several other options you can pass to new MongoDBStore():
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var store = new MongoDBStore({
uri: 'mongodb://127.0.0.1:27017/connect_mongodb_session_test',
collection: 'mySessions',
// By default, sessions expire after 2 weeks. The `expires` option lets
// you overwrite that by setting the expiration in milliseconds
expires: 1000 * 60 * 60 * 24 * 30, // 30 days in milliseconds
// Lets you set options passed to `MongoClient.connect()`. Useful for
// configuring connectivity or working around deprecation warnings.
connectionOptions: {
serverSelectionTimeoutMS: 10000
}
});
It can support MongoDB instances inside Azure Cosmos. As Cosmos can only support
time-based index on fields called _ts, you will need to update your configuration.
Unlike in MongoDB, Cosmos starts the timer at the point of document creation so the
expiresAfterSeconds should have the same value as expires - as expires is in
milliseconds, the expiresAfterSeconds must equal expires / 1000.
var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);
var store = new MongoDBStore({
uri: 'mongodb://username:password@cosmosdb-name.mongo.cosmos.azure.com:10255/?ssl=true&replicaSet=globaldb&retrywrites=false&maxIdleTimeMS=120000&appName=@cosmosdb-name@',
databaseName: 'myDb',
collection: 'mySessions',
// Change the expires key name
expiresKey: `_ts`,
// This controls the life of the document - set to same value as expires / 1000
expiresAfterSeconds: 60 * 60 * 24 * 14
});
FAQs
MongoDB session store for connect/express built by MongoDB
The npm package connect-mongodb-session receives a total of 11,889 weekly downloads. As such, connect-mongodb-session popularity was classified as popular.
We found that connect-mongodb-session demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.