过期时间表示和Redis会话 [英] Expire time express and redis session

问题描述

我正在使用express和redis来保持会话在我的系统上的实时状态.我在设置sessionCookie的maxAge时遇到一些问题.默认情况下，我读到的是24小时，但是要保持它存活很长的时间.我想设置为30分钟，然后注销用户，我更改了1分钟以查看它是否有效，但是什么也没有发生，该用户仍然登录.

I'm using express and redis to keep the session live on my system. I having some problems to set the maxAge on the sessionCookie. By the default I read that is 24hrs, but that's a long time to keep it live. I would like to set like 30 min and then logout the user, I changed for 1min to see if it works but nothing happens, the user still logged.

这是我的会话功能:

module.exports.initSession = function(app, db) {
  app.use(session({
    saveUninitialized: true,
    resave: false,
    secret: config.sessionSecret,
    cookie: {
      maxAge: 30*10000,
      httpOnly: true,
      secure: Boolean(process.env.ssl) || true
    },
    key: config.sessionKey,
    store: new RedisStore({
      host: config.redis.host || 'localhost',
      port: config.redis.port || 6379,
      db: config.redis.database || 0,
      pass: config.redis.password || ''
    })
  }));
};

我也尝试使用ttl而不是maxAge，但是得到了相同的结果.会是什么?

I also tried using ttl instead of maxAge but I get the same result. What could it be?

已

我使用 SEAN.JS 和满足会话要求的文件是这两个: express.js 和默认环境.

I using SEAN.JS and the files that content the session are this two: express.js and default environment.

推荐答案

这是我的会话配置，可以正常使用.
为了进行测试，我将到期时间设置为5秒.

This is my configuration for sessions and it works.
I set the expiration time to 5 seconds for testing purposes.

app.use(session({
        store: new redisStore({
        host: 'localhost',
        port: 6379,
        client: redisClient,
        ttl: 5 // in seconds
    }),
    secret: 'this is secret',
    resave: false,
    saveUninitialized: true,
    // cookie: {maxAge: 5000}
}));

我设置了maxAge，但它不起作用，当我设置了ttl时，它起作用了.

I set maxAge and it didn't work and when i set ttl it worked.

注意:我测试了一下，发现ttl是秒，但是maxAge是毫秒！ (有点怪异)

Note: I tested and found out that ttl is in second but maxAge is in milli seconds! (kinda weird)

您可以使用如下所示的中间件记录会话数据，以查看是否存在护照对象，如果会话数据中没有护照对象，则用户将被注销.

you can log session data using a middleware like below to see if a passport object exists or not, if there is no passport object in sesssion data, user is logged out.

app.use((req, res, next) => {
    console.log('session:\n', req.session);
    next();
});

这篇关于过期时间表示和Redis会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！