在connect / express中使用cookieSession（）时，为会话设置单独的maxAge [英] Set individual maxAge for sessions when using cookieSession() in connect/express

问题描述

我试图使用connect / express cookieSession（）来将node.js会话存储在cookie中（从而避免了服务器端会话存储） 。这将帮助我在用户登录时记住用户，并在服务器重新启动后保持会话活动。

I am trying to use connect/express cookieSession() in order to store my node.js sessions in cookies (and thus, avoiding a server-side session store). This would help me to 'remember' the user when they log in and keep sessions alive even after server restarts.

我想使用 cookieSession（）：

app.use( express.cookieSession( { secret: 'secret_key' } ) );
app.use( function (req, res, next) {
    if ( req.method == 'POST' && req.url == '/login' ) {
      if ( req.body.remember ) {
        req.session.cookie.maxAge = 30*24*60*60*1000; // Rememeber 'me' for 30 days
      } else {
        req.session.cookie.expires = false;
      }
    }
    next();
});

但是，这是行不通的，因为req.session.cookie是未定义的。我也尝试了以下方法，但是它似乎没有用：

However, this does not work, because req.session.cookie is undefined. I also tried the following, but it didn't seem to work:

app.use( express.session( { secret: 'secret_key' } ) );
app.use( function (req, res, next) {
    if ( req.method == 'POST' && req.url == '/login' ) {
      if ( req.body.remember ) {
        req.cookies['connect.sess'].maxAge = 30*24*60*60*1000; // Rememeber 'me' for 30 days
      } else {
        rreq.cookies['connect.sess'].expires = false;
      }
    }
    next();
});

推荐答案

从$ p $ b开始

Starting out with

app.use(express.cookieSession({ secret: config.server.cookieSecret }));

并将其更改为

app.use(function(req, res, next) {
  express.cookieSession({
    secret: config.server.cookieSecret,
    cookie: {
      maxAge: req.param('remember') ? 20000 : 3000
    },
  })(req, res, next);
})

因此，我们创建了自己的中间件，将其包裹在cookieSession中间件周围，并根据参数更改了maxAge。

So, we create our own middleware, wrapped around the cookieSession middleware, changing the maxAge based on a param.

因此，每当更改会话时，都需要在正文记住 c>，查询或参数（即 req.param（）看起来）。在大多数情况下，只需在登录时为会话设置一次 user_id 。

So, whenever you change the session you'll need to pass a remember in the body, query, or params( that's where req.param() looks ). In most cases, you only set a user_id to the session once, at login.

这是3秒或20

同样，如果您在会话中设置了很多内容，可能不是很有帮助，但是如果您只是设置一个

And again, it might be not very helpful if you're setting stuff to your session a lot, but if you just set a user_id to session at login, this is all you need.

如果要在会话中设置很多内容，则应该知道每次请求都会传递数据，并且您应该只保存会话的最小值，例如user_id，然后查找每个请求所需的数据，以减少用户的开销。

If you are setting lots of stuff to your session, you should know that data get passed around at every request, and you should save only the minimum to the session, like user_id, then look up the data you need for each request, to keep the overhead down on the user.

这篇关于在connect / express中使用cookieSession（）时，为会话设置单独的maxAge的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！