In your Hitchy-based application run this command
npm install --save @hitchy/plugin-session @hitchy/plugin-cookies
to install this plugin.
As illustrated above you are in charge of installing @hitchy/plugin-cookies which is a mandatory dependency for this plugin. So, if you get an error regarding some unmet dependency on a role cookies you might need to repeat this command exactly as given.
After restarting your Hitchy-based application it is discovering this plugin and instantly injecting policy for selecting server-side session by ID provided in cookie passed with every request. Usually, this is done by browsers implicitly. Any request missing cookie with session's ID causes start of another session and injecting instructions for saving cookie in response.
On server side the session is exposed in
req.session. It consists of multiple properties:
useris provided to expose name and roles of some user. Managing current user is basically out of this plugin's scope. See hitchy-plugin-auth for that.
user.nameis expected to be a string containing name of current user.
user.rolesis a list of roles current user is authorized for.
datais an object prepared to hold arbitrary data.
This plugin may be customized via section
session of configuration. Currently, there is no actually supported parameter, but some preparation for selecting backend to use for persisting session data.
Create a file adjusting configuration section
session in /config/session.js with content like this:
exportssession =backend: ...;
This example doesn't work due to omitting example for configuring backend which isn't supported, yet.
The current version doesn't support persistency, thus all sessions get lost on restarting Hitchy.