Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

express-session-mongo

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

express-session-mongo

MongoDB Session Store for ExpressJS

Source
npmnpm
Version
0.0.4
Version published
Weekly downloads
6
-57.14%
Maintainers
1
Weekly downloads
 
Created
Source

MongoDB Session Storage for ExpressJS

This module is an addon for ExpressJS that adds a new Session Storage device.

Install

npm install https://github.com/trottski/express-session-mongo/archive/master.tar.gz

Usage

The standard usage, is to just pass an instantiated MongoStore instance to the session plugin.

var xp = require('express'),
    MongoStore = require('express-session-mongo');

var app = xp.createServer();

app.configure(function(){
    app.use(xp.cookieDecoder());
    app.use(xp.session({ store: new MongoStore() }));
    app.use(app.router);
});

You can also pass several options to the constructor to tweak your session store:

  • db - The name of the db to use, defaults to: express-sessions
  • ip - The IP address of the server to connect to, defaults to: 127.0.0.1
  • port - The Port to connect to, defaults to: 27017
  • collection - The collection to save it's data to, defaults to: sessions
  • server - A custom mongo Server instance (this overides db, ip & port):
  • fsync - Confirm writes after they have been flushed to disk, default: false.
  • native_parser - Use BSON native parser, defaults to: true.
  • username - The username for the database.
  • password - The password which corresponds to the database
  • authenciated - An err-first callback that fires once connected and an auth attempt is made.
var CustomServer = new Server(123.456.789.1, 12345, { auto_reconnect: true }, {});
app.use(xp.session({ store: new MongoStore({ server: CustomServer }) }));

Removing stale sessions

MongoDB 2.2 and above supports doing this via an index, see http://docs.mongodb.org/manual/tutorial/expire-data/ To enable this, run

db.sessions.ensureIndex( { "lastAccess": 1 }, { expireAfterSeconds: 3600 } )

Mongo will now remove all sessions older than an hour (every 60 seconds).

Changes from davglass/express-session-mongo

  • Removes connect as a dependency
  • Adds fsync and native_parser options to constructor
  • Removes manual session cleanup cleanup code (see Removing stale sessions below)

License

Licensed under my standard BSD license.

Based on these classes

FAQs

Package last updated on 23 May 2014

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

Research

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

By Socket Research Team  -  Feb 20, 2026
Socket Joins the OpenJS Foundation

Company News

Socket Joins the OpenJS Foundation

Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

By Sarah Gooding  -  Feb 19, 2026