react-session-hook
Advanced tools
👤
react-session-hook
Stateful sessions made easy
Coming soon
📋Server-side renderingInstall react-session-hook using yarn:
yarn add react-session-hook
Or npm:
npm install --save react-session-hook
And within your react component:
import useSession, { UseSessionProvider } from 'react-session-hook';
const Component = () => {
const session = useSession();
const handleLogin = () => session.setSession({ token: newToken })
const handleLogout = () => session.removeSession()
if (session.isAuthenticated) {
return (
<div>
<div>Logged in as: {session.profile.name}</div>
<button onClick={handleLogout}>Logout</button>
</div>
)
} else {
return (
<div>
<div>You are logged out</div>
<button onClick={handleLogin}>Login</button>
</div>
)
}
}
export const App = () => (
<UseSessionProvider>
<Component />
</UseSessionProvider>
)
See the examples folder
{
// The initial value for a token.
// If undefined, they will default to the value in storage
initialAccessToken: String (optional)
initialIdToken: String (optional)
initialRefreshToken String (optional)
initialToken: String (optional)
// The session profile.
// If undefined, they will follow this logic
//
// If profileFn = True
// Set as the return value of profileFn
// Else if jwt = True
// This will be set as the payload of the id Token or token
initialProfile: Object (optional)
// Attempt to parse profile and expiration date from the tokens
jwt: Boolean (True)
// Date object for the session expiration
// If jwt = True
// Uses the 'exp' field in the accessToken or token body
// If there is no 'exp' field, this value is used
// If no expiration is set the session will expire after 10 hours
// Set value to null to explicitly set a session that never expires
expiration: Date (optional)
// Returned object passed to setSession
// Notes:
// - will not be fired if isAuthenticated = false
// - will be fired before the refreshInterval
// if session expires before refresh period
refreshFn: async (session) => Session (optional)
// How often the refreshFn is called.
refreshInterval: Number (1 * 60 * 60 * 1000) // 1 hours
// Provide your own profile parsing logic. Useful for string tokens
profileFn: (String) => Object | void
// Defaults to cookie storage. See Storage for more information
storage: Storage (optional)
// See: Server-Side Rendering for more information
req: Request (optional)
// See: Global login/logout for more information
globalLogin: Boolean (True)
globalLogout: Boolean (True)
}
{
// The session tokens
token: String | void
accessToken: String | void
idToken: String | void
refreshToken: String | void
// Manually update the session and storage
setSession: Function (options) => void
// Manually remove the session (will clear storage)
removeSession: Function () => void
profile: Object | void
expiration: Date | null
// If an accessToken or token exists and has not expired
isAuthenticated: Boolean
// See: Typescript section for more information
isAuthenticatedGuard: () => Boolean
// You can manually invoke the refreshFn
refreshFn: Function (options) => options
// If null, the refreshFn is paused.
refreshInterval: Number | null
}
By default, browser tabs are kept in sync. If removeSession is called in one tab, it will be called in all tabs
If you wish to disable this behaviour set globalLogout and globalLogin to false in the options
If the req option is used, the package assumes you are performing Server Side Rendering. If you are using the default cookie storage, it will switch to using the request headers and an in-memory store.
If you are using a custom storage, the request will be passed to your store.
react-session-hook was written in Typescript and includes typings out of the box.
It also includes the isAuthenticatedGuard function, which acts as a typeguard between an
authenticated and authenticated session
import useSession from 'react-session-hook';
interface Profile {
name: string
}
export default () => {
// use the JWT values in storage
const session = useSession<Profile>();
if (session.isAuthenticatedGuard()) {
// Typed as session.profile = Profile
return <div>Logged in as: {session.profile.name}</div>
} else {
// Typed as session.profile = null
return <div>You are logged out</div>
}
}
By defaut, your session tokens will be stored as seperate cookies. You can overwrite this by providing custom storage functions in the useSession options
See the cookies storage functions for more information
The setSesson function can also be used to update some of the options. You can update the refreshFn with setSession({ refreshFn }) or disable the refresh with setSession({ refreshInterval: null })
FAQs
ReactJS hook to manage session state and storage
The npm package react-session-hook receives a total of 15 weekly downloads. As such, react-session-hook popularity was classified as not popular.
We found that react-session-hook demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.