react-session-hook
Advanced tools
👤
react-session-hook
Stateful sessions made easy
Install react-session-hook using yarn:
yarn add react-session-hook
Or npm:
npm install --save react-session-hook
And within your react component:
import useSession from 'react-session-hook';
// Global config
useSession.config(options)
export default () => {
const session = useSession();
// or with a local config
const session = useSession(options);
const handleLogin = () => {
// Fetch user tokens
session.setSession({
token: newToken
})
}
const handleLogout = () => session.removeSession()
if (session.isAuthenticated) {
return (
<div>
<div>Logged in as: {session.profile.name}</div>
<button onClick={handleLogout}>Logout</button>
</div>
)
} else {
return (
<div>
<div>You are logged out</div>
<button onClick={handleLogin}>Login</button>
</div>
)
}
}
See the examples folder
{
// Set this initial value for a token.
// If undefined, they will default to the value in storage
accessToken: String (optional)
idToken: String (optional)
refreshToken String (optional)
token: String (optional)
// Attempt to parse profile and expiration date from the tokens
jwt: Boolean (True)
// The session profile.
// If jwt = True
// This will be set as the payload of the id Token or token
profile: Object (optional)
// Date object for the session expiration
// If jwt = True
// Uses the 'exp' field in the accessToken or token body
// If there is no 'exp' field, this value is used
// If no expiration is set the session will expire after 10 hours
// Set value to null to explicitly set a session that never expires
expiration: Date (optional)
// Returned object passed to setSession
// Notes:
// - will not be fired if isAuthenticated = false
// - will be fired before the refreshInterval
// if session expires before refresh period
refreshFn: async (session) => Session (optional)
// How often the refreshFn is called.
refreshInterval: Number (1 * 60 * 60 * 1000) // 1 hours
// Provide your own profile parsing logic. Useful for string tokens
profileFn: (String) => Object | void
// Defaults to cookie storage. See Storage for more information
storage: Storage (optional)
// See: Server-Side Rendering for more information
req: Request (optional)
// See: Global login/logout for more information
globalLogin: Boolean (True)
globalLogout: Boolean (True)
}
{
// The session tokens
token: String | void
accessToken: String | void
idToken: String | void
refreshToken: String | void
// Manually update the session and storage
setSession: Function (options) => void
// Manually remove the session (will clear storage)
removeSession: Function () => void
profile: Object | void
expiration: Date | null
// If an accessToken or token exists and has not expired
isAuthenticated: Boolean
// See: Typescript section for more information
isAuthenticatedGuard: () => Boolean
// You can manually invoke the refreshFn
refreshFn: Function (options) => options
// If null, the refreshFn is paused.
refreshInterval: Number | null
}
By default, browser tabs are kept in sync. If removeSession is called in one tab, it will be called in all tabs
If you wish to disable this behaviour set globalLogout and globalLogin to false in the options
If the req option is used, the package assumes you are performing Server Side Rendering. If you are using the default cookie storage, it will switch to using the request headers and an in-memory store.
If you are using a custom storage, the request will be passed to your store.
react-session-hook was written in Typescript and includes typings out of the box.
It also includes the isAuthenticatedGuard function, which acts as a typeguard between an
authenticated and authenticated session
import useSession from 'react-session-hook';
interface Profile {
name: string
}
export default () => {
// use the JWT values in storage
const session = useSession<Profile>();
if (session.isAuthenticatedGuard()) {
// Typed as session.profile = Profile
return <div>Logged in as: {session.profile.name}</div>
} else {
// Typed as session.profile = null
return <div>You are logged out</div>
}
}
The setSesson function can also be used to update some of the options. You can update the refreshFn with setSession({ refreshFn }) or disable the refresh with setSession({ refreshInterval: null })
FAQs
ReactJS hook to manage session state and storage
We found that react-session-hook demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
Security News
Socket CTO Ahmad Nassri discusses why supply chain attacks now target developer machines and what AI means for the future of enterprise security.
Security News
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.