Yet another redis session thing for node.
This is built on top of jed/cookies. You can optionally pass in a KeyGrip instance, or an array of keys to use to sign cookies.
Sessions are now stored as stringified JSON objects using set and get.
This means that all sessions that were created using previous versions of
redsess will need to be cleared out/nuked/obliterated. Before upgrading
to 1.0.0, let your users know that their sessions will be removed!
var RedSess = require('redsess')
, http = require('http')
, Cookies = require('cookies')
, Keygrip = require('keygrip')
, keys = new Keygrip(['some secret keys here'])
// Create a client with the options that you'd pass to node_redis
RedSess.createClient(redisOptions)
http.createServer(function (req, res) {
var session = new RedSess(req, res, {
keys: keys, // if keys are provided, they'll be used
cookieName: 's',
expire: expirationInSeconds, // default = 2 weeks
client: redisClient, // defaults to RedSess.client
keys: [ "this is a string key" ], // will be made into a keygrip obj
keys: new KeyGrip(keys), // this way also works
})
// you can decorate like this if you chose
req.session = session
res.session = session
// .. and then some time later ..
req.session.get('auth', function (er, auth) {
if (!auth) {
// redirect to login page
} else {
// do authorized login things
}
})
// .. on the login page, if there's a post ..
validateLogin(postedData, function (er, isValid) {
if (isValid)
req.session.set('auth', postedData)
})
// .. on the logout page ..
req.session.del('auth', function (er) {
// user is now logged out
})
}).listen(1337)
expire {Number} Time in seconds that sessions last Default=2 weekscookieName {String} Cookie name to use for session id's. Default = 's'keys A Keygrip instance to use
to sign the session token cookie. (If an array is passed in, then
RedSess will make a KeyGrip obj out of it.)client If you have another redis client you'd like to use, then
you can do so.cookies If you already have a Cookies object, you may pass that
in. If not specified, then it'll make a new one for you.cookieOptions an object that extends the options object that is passed to
cookies.set and cookies.getCallbacks are all the standard cb(er, result) style.
Deep objects are supported, but cycles in data objects will cause terrible explosively bad awful undefined behavior, so DON'T DO THAT.
Calls redis.createClient with the supplied options. See
node_redis for more details.
(opts.host and opts.port are passed to redis.createClient as positional
arguments, not on the configuration object.)
If there's an opts.auth member, then it will use that string as a
password to redis.
Sets a key on the session.
Sets a hash of keys and values on the session.
Fetches the key from the session.
Fetches all keys from the session. If there is no data in the
session, then it'll return null.
Deletes a key from the session.
Deletes the entire session.
FAQs
Yet another redis session thing for node
We found that redsess demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A malicious Chrome extension steals newly created MEXC API keys, exfiltrates them to Telegram, and enables full account takeover with trading and withdrawal rights.
Security News
CVE disclosures hit a record 48,185 in 2025, driven largely by vulnerabilities in third-party WordPress plugins.
Security News
Socket CEO Feross Aboukhadijeh joins Insecure Agents to discuss CVE remediation and why supply chain attacks require a different security approach.