Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Redis session manager for NodeJS
$ npm install redisess --save
The example blow show how can you use Redisess in a simple express applicaiton.
import express from 'express';
import Redis from 'ioredis';
import {SessionManager} from 'redisess';
const redis = new Redis();
const manager = new SessionManager(redis, {
namespace: 'myapp',
additionalFields: ['groupId'],
ttl: 120 // Default Time-To-Live value in seconds: 120 seconds
});
const app = express();
app.get('/login', async function (req, res) {
const userName = req.query.userName;
const pass = req.query.password;
//...Login application logic here
const session = await sm.create(userName, {
ttl: 240, // You can overwrite ttl value per session
groupId: 111 // You can store additional values
});
res.send('Your session id is '+session.sessionId);
});
app.get('/killSession/:sessionid', async function (req, res) {
await sm.kill(req.params.sessionid);
res.send('Session ' + req.params.sessionid + ' is closed');
});
app.get('/killUser/:userId', async function (req, res) {
await sm.killUser(req.params.userId);
res.send('All sessions for user "' + req.params.userId +'" are closed.');
})
app.listen(3000);
Returns the number of sessions within the last n seconds. Get all session count if n is not defined or zero
count(secs: number = 0): Promise<number>
Retrieves session count of single user which were active within the last n seconds.
countForUser(userId: string, secs: number = 0): Promise<number>
Creates a new session for the user
create(userId: string, props?: { ttl?: number, [index: string]: any }): Promise<Session>
Retrieves session by sessionId
get(sessionId: string, noUpdate: boolean = false): Promise<Session>
Retrieves all session ids which were active within the last n seconds.
getAllSessions(secs: number): Promise<string[]>
Retrieves all user ids which were active within the last n seconds.
getAllUsers(secs: number): Promise<string[]>
Retrieves session ids of single user which were active within the last n seconds.
getUserSessions(userId: string, n: number = 0): Promise<string[]>
Retrieves oldest session of user
getOldestUserSession(userId: string, noUpdate: boolean = false): Promise<Session>
Returns true if sessionId exists, false otherwise
exists(sessionId: string): Promise<Boolean>
Kills single session
kill(sessionId: string): Promise<void>
Kills all sessions of user
killUser(userId: string): Promise<void>
Kills all sessions for application
killAll(): Promise<void>
Retrieves present time.
now(): Promise<number>
Stops wipe timer
quit(): void
Returns session id value
sessionId(): string
Returns user id value
userId(): string
Returns Time-To-Live value
ttl(): number
Returns the time (unix) of last access
lastAccess(): number
Returns the time (unix) that session be expired.
expires(): number
Returns duration that session be expired.
expiresIn(): number
Returns validation of session and user with last access control.
valid(): boolean
Returns idle duration in seconds.
idle(): number
Returns any additional field value
Reads session info from redis server
read(): Promise<void>
Retrieves user data from session.
get(key): Promise<any>
Stores user data to session
set(key, value): Promise<number>
Kills the session
kill(): Promise<void>
Write session to redis server.
write(): Promise<void>
To see changelog click here
Available under MIT license.
FAQs
Powerful redis session manager for NodeJS
The npm package redisess receives a total of 8 weekly downloads. As such, redisess popularity was classified as not popular.
We found that redisess demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.