何时使用saveUninitialized并在Express-Session中重新保存 [英] When to use saveUninitialized and resave in express-session

问题描述

我是MEAN堆栈的新手.我阅读了express-session github doc ，但是有些选项我不清楚.这些选项是saveUninitialized和resave.

I am newbie with the MEAN stack. I read the express-session github doc but there are some options which are unclear to me. Those options are saveUninitialized and resave.

任何人都可以通过示例来解释使用saveUninitialized和resave的优点是什么，如果我们更改这些选项中的布尔值，将会产生什么效果.

Can anyone please explain with examples what are the advatanges of using saveUninitialized and resave, and what will the effect be if we change the boolean values in those options.

语法:-

app.use(session({
  resave: false,
  saveUninitialized: true,
}))

推荐答案

让我们假定全局启用了会话(针对所有请求).

Let's assume that sessions are enabled globally (for all requests).

当客户端发出HTTP请求，并且该请求不包含会话cookie时，express-session将创建一个新会话.创建一个新的会话可以做一些事情:

When a client makes an HTTP request, and that request doesn't contain a session cookie, a new session will be created by express-session. Creating a new session does a few things:

• 生成唯一的会话ID
• 将该会话ID存储在会话cookie中(以便可以识别客户端的后续请求)
• 创建一个空会话对象，如req.session
• 根据saveUninitialized的值，在请求结束时，会话对象将存储在会话存储区(通常是某种数据库)中

• generate a unique session id
• store that session id in a session cookie (so subsequent requests made by the client can be identified)
• create an empty session object, as req.session
• depending on the value of saveUninitialized, at the end of the request, the session object will be stored in the session store (which is generally some sort of database)

如果在请求的生存期内未修改会话对象，则在请求结束时且当saveUninitialized为 false 时，(仍然为空，因为未修改)会话对象不会存储在会话存储中.

If during the lifetime of the request the session object isn't modified then, at the end of the request and when saveUninitialized is false, the (still empty, because unmodified) session object will not be stored in the session store.

其背后的原因是，这将防止在会话存储区中存储许多空的会话对象.由于没有什么可存储的，因此在请求结束时会忘记"该会话.

The reasoning behind this is that this will prevent a lot of empty session objects being stored in the session store. Since there's nothing useful to store, the session is "forgotten" at the end of the request.

您何时要启用此功能?例如，当您希望能够确定重复访问者时.您将能够识别出这样的访客，因为他们发送了包含唯一ID的会话Cookie.

When do you want to enable this? When you want to be able to identify recurring visitors, for example. You'd be able to recognize such a visitor because they send the session cookie containing the unique id.

关于resave:可能必须为不支持"touch"命令的会话存储启用此功能.这样做是告诉会话存储特定会话仍处于活动状态，这是必需的，因为某些存储将在一段时间后删除空闲(未使用)的会话.

About resave: this may have to be enabled for session stores that don't support the "touch" command. What this does is tell the session store that a particular session is still active, which is necessary because some stores will delete idle (unused) sessions after some time.

如果会话存储驱动程序未实现touch命令，则应启用resave，以便即使在请求期间未更改会话，该会话仍会在存储中更新(从而将其标记为活动状态)

If a session store driver doesn't implement the touch command, then you should enable resave so that even when a session wasn't changed during a request, it is still updated in the store (thereby marking it active).

因此，是否需要启用此选项完全取决于您使用的会话存储.

So it entirely depends on the session store that you're using if you need to enable this option or not.

这篇关于何时使用saveUninitialized并在Express-Session中重新保存的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！