Nonvoluntary Professional Mangling

    connect-redis-crypto

    4.0.5 • Public • Published

    npm travis code-style Downloads

    connect-redis-crypto provides Redis session storage for Express. Requires Redis >= 2.0.0.

    Migrating to V4? See this guide on what's changed.

    Installation

    npm:

    npm install redis connect-redis-crypto express-session

    Yarn:

    yarn add redis connect-redis-crypto express-session

    API

    const redis = require('redis')
    const session = require('express-session')
     
    let RedisStore = require('connect-redis-crypto')(session)
    let redisClient = redis.createClient()
     
    app.use(
      session({
        store: new RedisStore({ client: redisClient, secret: "squirrel" }),
        secret: 'keyboard cat',
        resave: false,
      })
    )

    RedisStore(options)

    The RedisStore requires an existing Redis client. Any clients compatible with the redis API will work. See client option for more details.

    Options

    client

    An instance of redis or a redis compatible client.

    Known compatible and tested clients:

    prefix

    Key prefix in Redis (default: sess:).

    This prefix appends to whatever prefix you may have set on the client itself.

    Note: You may need unique prefixes for different applications sharing the same Redis instance. This limits bulk commands exposed in express-session (like length, all, keys, and clear) to a single application's data.

    ttl

    If the session cookie has a expires date, connect-redis will use it as the TTL.

    Otherwise, it will expire the session using the ttl option (default: 86400 seconds or one day).

    Note: The TTL is reset every time a user interacts with the server. You can disable this behavior in some instances by using disableTouch.

    Note: express-session does not update expires until the end of the request life cycle. Calling session.save() manually beforehand will have the previous value.

    disableTouch

    Disables re-saving and resetting the TTL when using touch (default: false)

    The express-session package uses touch to signal to the store that the user has interacted with the session but hasn't changed anything in its data. Typically, this helps keep the users session alive if session changes are infrequent but you may want to disable it to cut down the extra calls or to prevent users from keeping sessions open too long. Also consider enabling if you store a lot of data on the session.

    Ref: https://github.com/expressjs/session#storetouchsid-session-callback

    serializer

    The encoder/decoder to use when storing and retrieving session data from Redis (default: JSON).

    interface Serializer {
      parse(string): object
      stringify(object): string
    }
    scanCount

    Value used for count parameter in Redis SCAN command. Used for ids() and all() methods (default: 100).

    FAQ

    How to log Redis errors?

    client.on('error', console.error)

    How do I handle lost connections to Redis?

    By default, the redis client will auto-reconnect on lost connections. But requests may come in during that time. In Express, one way you can handle this scenario is including a "session check":

    app.use(session(/* setup session here */))
    app.use(function(req, res, next) {
      if (!req.session) {
        return next(new Error('oh no')) // handle error
      }
      next() // otherwise continue
    })

    If you want to retry, here is another option.

    License

    MIT

    Install

    npm i connect-redis-crypto

    DownloadsWeekly Downloads

    503

    Version

    4.0.5

    License

    MIT

    Unpacked Size

    18.2 kB

    Total Files

    11

    Last publish

    Collaborators

    • jas-