Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
svelte-kit-connect-upstash-redis
Advanced tools
Upstash Redis session storage for svelte-kit-sessions.
svelte-kit-connect-upstash-redis provides Upstash Redis session storage for svelte-kit-sessions.
svelte-kit-connect-upstash-redis requires svelte-kit-sessions
to installed.
$ npm install @upstash/redis svelte-kit-connect-upstash-redis svelte-kit-sessions
$ yarn add @upstash/redis svelte-kit-connect-upstash-redis svelte-kit-sessions
$ pnpm add @upstash/redis svelte-kit-connect-upstash-redis svelte-kit-sessions
svelte-kit-connect-upstash-redis
can be used as a custom store for svelte-kit-sessions
as follows.
Note For more information about svelte-kit-sessions
, see https://www.npmjs.com/package/svelte-kit-sessions.
// src/hooks.server.ts
import type { Handle } from '@sveltejs/kit';
import { sveltekitSessionHandle } from 'svelte-kit-sessions';
import RedisStore from 'svelte-kit-connect-upstash-redis';
import { Redis } from '@upstash/redis'; // <- for Node
// import { Redis } from '@upstash/redis/cloudflare'; // <- for Cloudflare
// import { Redis } from '@upstash/redis/fastly'; // <- for Fastly
const client = new Redis({
url: '{your upstash redis rest url}',
token: '{your upstash redis rest token}'
});
export const handle: Handle = sveltekitSessionHandle({
secret: 'secret',
store: new RedisStore({ client })
});
import RedisStore from 'svelte-kit-connect-upstash-redis';
new RedisStore(options);
Create a Redis store for svelte-kit-sessions
.
A summary of the options
is as follows.
Name | Type | required/optional | Description |
---|---|---|---|
client | upstashRedis.Redis | upstashRedisCloudflare.Redis | upstashRedisFastly.Redis | required | An instance of @upstash/redis |
prefix | string | optional | Key prefix in Redis (default: sess: ). |
serializer | Serializer | optional | Provide a custom encoder/decoder to use when storing and retrieving session data from Redis (default: JSON.parse and JSON.stringify ). |
ttl | number | optional | ttl to be used if ttl is Infinity when used from svelte-kit-sessions |
An instance of @upstash/redis
. You can use to all of @upstash/redis (node, cloudflare, fastly).
Key prefix in Redis (default: sess:
).
Provide a custom encoder/decoder to use when storing and retrieving session data from Redis (default: JSON.parse
and JSON.stringify
).
Note When setting up a custom serializer, the following interface must be satisfied.
interface Serializer {
parse(s: string): SessionStoreData | Promise<SessionStoreData>;
stringify(data: SessionStoreData): string;
}
When svelte-kit-sessions
calls a method of the store (the set
function), ttl(milliseconds) is passed to it. However, if the cookie options expires
and maxAge
are not set, the ttl passed will be Infinity.
If the ttl passed is Infinity, the ttl to be set can be set with this option. The unit is milliseconds.
// `svelte-kit-connect-upstash-redis` implementation excerpts
const ONE_DAY_IN_SECONDS = 86400;
export default class RedisStore implements Store {
constructor(options: RedisStoreOptions) {
this.ttl = options.ttl || ONE_DAY_IN_SECONDS * 1000;
}
ttl: number;
async set(id: string, storeData: SessionStoreData, ttl: number): Promise<void> {
// omission ...
if (ttl !== Infinity) {
// if `ttl` passed as argument is *not* Infinity, use the argument `ttl` as it is.
await this.client.set(key, serialized, { PX: ttl });
return;
}
// if `ttl` passed as argument is Infinity, use `options.ttl` or default.
await this.client.set(key, serialized, { PX: this.ttl });
}
}
FAQs
Upstash Redis session storage for svelte-kit-sessions.
We found that svelte-kit-connect-upstash-redis demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.