hapi-server-session
Simple server-side session support for hapi
Install
$ npm install hapi-server-session
Example
'use strict';
const hapi = require('hapi');
const server = new hapi.Server();
server.connection({
host: 'localhost',
address: '127.0.0.1',
port: 8000,
});
server.register({
register: require('hapi-server-session'),
options: {
cookie: {
isSecure: false,
},
},
}, function (err) { if (err) { throw err; } });
server.route({
method: 'GET',
path: '/',
handler: function (request, reply) {
request.session.views = request.session.views + 1 || 1;
reply('Views: ' + request.session.views);
},
});
server.start();
Options
-
algorithm
: [Default:'sha256'
] algorithm to use during signing -
cache
: supports the same options asserver.cache(options)
-
expiresIn
: [Default: session idexpiresIn
if set or2147483647
] session cache expiration in milliseconds -
segment
: [Default:'session'
] session cache segment
-
-
cookie
: supports the same options asserver.state(name, [options])
-
isHttpOnly
: [Default:true
] sets the HttpOnly flag -
isSecure
: [Default:true
] sets the secure flag. Should never be set tofalse
in production
-
-
expiresIn
: session id expiration in milliseconds. Prevents intercepted cookies from working perpetually. Requireskey
-
name
: [Default:'id'
] name of the cookie -
key
: signing key. Prevents weaknesses in randomness from affecting overall security -
size
: [Default:16
] number of random bytes in the session id