Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
connect-mysql
Advanced tools
Readme
This is a simple MySQL backed session store for connect.
It uses the node-mysql module already installed in your project to establish and pool connections.
Changes introduced in v2.2 mean sessions stored in earlier versions are not backwards compatible with v2.2. It it recommended that you clear the session table; alternately sessions will be discarded with a warning message.
table
: the name of the database table that should be used for storing sessions. Defaults to 'sessions'
pool
: a node-mysql connection pool or true
if the store should instantiate its own poolconfig
: the configuration that will be passed to createConnection()
or createPool()
if pool is true
retries
: how many times to retry connecting to the database before failing. Defaults to 3
keepalive
: keep pooled connections open by periodically pinging them. Set to true
to use the default interval of 30000
ms or provide a positive number to set your own. Defaults to true
.cleanup
: a boolean specifying whether to enable the cleanup events. note that if this is disabled, cleanup will not take place at all and should be done externally. Sessions with an expiration time of 0
will always be ignored and should also be cleaned up externally.secret
: key that will be used to encrypt session data. If this option is not provided then data will be stored in plain textalgorithm
: the algorithm that should be used to encrypt session data. Defaults to 'aes-256-ctr'
Here are some example use cases to get your application up and running.
Simple use case using the express
framework & connect-session
middleware with connect-mysql
as the data store.
var express = require('express'), // express framework
session = require('express-session'), // session middleware
cookieParser = require('cookie-parser'), // cookie middleware
MySQLStore = require('connect-mysql')(session), // mysql session store
options = {
config: {
user: 'username',
password: 'password',
database: 'databasename'
}
},
app = express();
app.use(cookieParser());
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true,
cookie: {
httpOnly: false,
secure: false,
maxAge: 1000 * 60 * 60 * 24 * 3,
expires: 1000 * 60 * 60 * 24 * 3
},
store: new MySQLStore(options) // Change the express session store
}));
app.get('/', function (req, res) {
if (req.session.views) {
req.session.views++
} else {
req.session.views = 1;
}
res.send('Hello world! '+req.session.views);
});
app.listen(3000, 'localhost');
For those MySQL installations that make use of pools the following examples are available.
var mysql = require('mysql'),
options = {
pool: mysql.createPool({
user: 'dbuser',
password: 'dbpassword',
database: 'db'
})
};
Or
var options = {
pool: true,
config: {
user: 'dbuser',
password: 'dbpassword',
database: 'db'
}
};
This option enables transparent session encryption assisting
var options = {
secret: 'thesessionsecret',
config: {
user: 'dbuser',
password: 'dbpassword',
database: 'db'
}
};
Contributions are welcome & appreciated. Refer to the contributing document to help facilitate pull requests.
This software is licensed under the MIT License.
Nathan LaFreniere, Copyright (c) 2012 &Yet
FAQs
a MySQL session store for connect
The npm package connect-mysql receives a total of 449 weekly downloads. As such, connect-mysql popularity was classified as not popular.
We found that connect-mysql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.