atomic-session
Atomic sessions for Koa.
- Currently uses MongoDB.
- Atomic updates - don't butcher the entire session.
- Don't grab the session from the database unless necessary.
- Better error handling.
- Includes CSRF token handling
Usage
// create the appvar app = // attach the session to the appvar MongoDBSession = app maxAge: '1 month' // asynchronously attach the collection// you should not start the app until you do thisMongoClient // use it in your appapp
API
var Session = Session(app, [options])
Options:
key
- cookie keymaxAge
- default to 14 days
this.session().then( session => )
Grab the session from the database asynchronously.
session.touch().then( session => )
Updates the new expires
time.
session[command](arguments...).then( => )
Change properties of the session. See database-specific options below.
session.update().then( => )
Updates all the properties of the session
object after running a command.
Should always be added to a .then()
.
session assert
session.destroy.then( => )
Destroys the session without creating a new one.
session.regenerate.then( session => )
Creates a brand new session.
var csrf = session.createCSRF()
Create a CSRF token.
session.assertCSRF(csrf)
Assert that a CSRF token is valid.
MongoDB API
MongoDBSession.ensureIndex().then( => )
Adds indexes on the expires
property so that expires are automatically set.
MongoDBSession.collection =
Set the collection asynchronously. You should set this collection before starting your app.
session[command](arguments...).then( => )
Supports most MongoDB properties. This uses mongodb-next internally. Some commands that are supported are:
- `.set(key, value)``
.unset(key)
.rename(name, newName)
.pull()
.addToSet()