Lightweight Session management middleware for ExpressJS with garbage collection of timeout session keys.
Follow this project on github for the newest releases and updates.
Why another session middleware?
Beause express-session middleware has purposely made it's
Memorystore to leak.
express-Session-lw doesn't leak and has automatic hoovering of idle session keys.
Dont take my word for it:
(quote from express-session doc) Warning The default server-side session storage, Memory Store , is purposely not designed for a production environment. It will leak memory under most conditions, does not scale past a single process, and is meant for debugging and developing.
Keys are stored in memory.
Garbage collection runs at specified user configurable intervals.
Can co-exist with CookieParser middle-ware.
Per session settable idle time.
Timeout session keys are automatically replaced by new ones , and an empty session store is associated with the new key.
npm install --save express-session-lw
functions exported by the module
|this||options object (see next section)||Initialize middle-ware|
|gc||none||garbage collector, you can call it explicitly|
|getSessionData||key (user session key)||fetch the session data object belonging to a session key|
const express = ;var app = ;const express_session_lw = ;app;
Options object properties
|Property name||Description||Default Value|
|debug||Will show tracing/logging info via console.log||false|
|globalTimeOut||The time for a session to be idle (no browser activity) before the session key is discarded||30 (seconds)|
|garbageCollect||garbage collector interval to hoover up , timed out session keys||500 (seconds)|
|sessionKeyName||The name of the cookie to be used as session key||"lw_session_id"|
const express = ;var app = ;const express_session_lw = ;const session_middleware =;app;
Example use of garbage collector and session data fetch outside of express middleware.
// explicity call the garbage collectorexpress_session_lw;// fetch from global memory store,// the session related storage object using the session key.var session_data = express_session_lw;
The object property
session_data is automatically added to the request object, with the following properties
|key||key value as (string)|
|last_access||integer unix timestamp of the last time this session key was used.|
Adjust max idle time on a per session basis
Add the property
timeout to the request object and will override
globalTimeOut in the option object used to initialize the middleware
Adding data to the session:
Just add your own custom properties to the