Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

connect-pg-simple

Package Overview
Dependencies
Maintainers
1
Versions
31
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

connect-pg-simple

A simple, minimal PostgreSQL session store for Connect/Express

  • 7.0.0-0
  • next
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
17K
decreased by-54.51%
Maintainers
1
Weekly downloads
 
Created
Source

Connect PG Simple

A simple, minimal PostgreSQL session store for Express/Connect

js-semistandard-style Build Status dependencies Status Known Vulnerabilities FOSSA Status Average time to resolve an issue Percentage of issues still open Language grade: JavaScript

Installation

npm install connect-pg-simple

Once npm installed the module, you need to create the "session" table in your database.

For that you can use the table.sql file provided with the module:

psql mydatabase < node_modules/connect-pg-simple/table.sql

Or simply play the file via a GUI, like the pgAdminIII queries tool.

Or instruct this module to create it itself, by setting the createTableIfMissing option.

Note that connect-pg-simple requires PostgreSQL version 9.5 or above.

Usage

Examples are based on Express 4.

Simple example:

const session = require('express-session');

app.use(session({
  store: new (require('connect-pg-simple')(session))({
    // Insert connect-pg-simple options here
  }),
  secret: process.env.FOO_COOKIE_SECRET,
  resave: false,
  cookie: { maxAge: 30 * 24 * 60 * 60 * 1000 } // 30 days
  // Insert express-session options here
}));

Advanced example showing some custom options:

const pg = require('pg');
const expressSession = require('express-session');
const pgSession = require('connect-pg-simple')(expressSession);

const pgPool = new pg.Pool({
    // Insert pool options here
});

app.use(expressSession({
  store: new pgSession({
    pool : pgPool,                // Connection pool
    tableName : 'user_sessions'   // Use another table-name than the default "session" one
    // Insert connect-pg-simple options here
  }),
  secret: process.env.FOO_COOKIE_SECRET,
  resave: false,
  cookie: { maxAge: 30 * 24 * 60 * 60 * 1000 } // 30 days
  // Insert express-session options here
}));

Advanced options

Connection options

Listed in the order they will be picked up. If multiple are defined, then the first in the lists that is defined will be used, the rest ignored.

  • pool - The recommended one – Connection pool object (compatible with pg.Pool) for the underlying database module.
  • pgPromise - Database object from pg-promise to be used for DB communications.
  • conObject - If you don't specify a pool object, use this option or conString to specify a PostgreSQL Pool connection object and this module will create a new pool for you.
  • conString - If you don't specify a pool object, use this option or conObject to specify a PostgreSQL connection string and this module will create a new pool for you. If the connection string is in the DATABASE_URL environment variable (as you do by default on eg. Heroku) – then this module fallback to that if this option is not specified.

Other options

  • ttl - the time to live for the session in the database – specified in seconds. Defaults to the cookie maxAge if the cookie has a maxAge defined and otherwise defaults to one day.
  • createTableIfMissing - if set to true then creates the table in the case where the table does not already exist. Defaults to false.
  • disableTouch – boolean value that if set to true disables the updating of TTL in the database when using touch. Defaults to false.
  • schemaName - if your session table is in another Postgres schema than the default (it normally isn't), then you can specify that here.
  • tableName - if your session table is named something else than session, then you can specify that here.
  • pruneSessionInterval - sets the delay in seconds at which expired sessions are pruned from the database. Default is 60 seconds. If set to false no automatic pruning will happen. By default every delay is randomized between 50% and 150% of set value, resulting in an average delay equal to the set value, but spread out to even the load on the database. Automatic pruning will happen pruneSessionInterval seconds after the last pruning (includes manual prunes).
  • pruneSessionRandomizedInterval – if set to false, then the exact value of pruneSessionInterval will be used in all delays. No randomization will happen. If multiple instances all start at once, disabling randomization can mean that multiple instances are all triggering pruning at once, causing unnecessary load on the database. Can also be set to a method, taking a numeric delay parameter and returning a modified one, thus allowing a custom delay algorithm if wanted.
  • errorLog – the method used to log errors in those cases where an error can't be returned to a callback. Defaults to console.error(), but can be useful to override if one eg. uses Bunyan for logging.

Useful methods

  • close() – if this module used its own database module to connect to Postgres, then this will shut that connection down to allow a graceful shutdown. Returns a Promise that will resolve when the database has shut down.
  • pruneSessions([callback(err)]) – will prune old sessions. Only really needed to be called if pruneSessionInterval has been set to false – which can be useful if one wants improved control of the pruning.

License

FOSSA Status

For enterprise

Available as part of the Tidelift Subscription.

The maintainers of connect-pg-simple and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. Learn more.

FAQs

Package last updated on 18 Jan 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc