hapi-easy-session
A server-side session management plugin for Hapi. It is largely copied from hapi-server-session. The main difference is that hapi-server-session guards against gratuitous cache stores while hapi-easy-session use a bit less memory. To illustrate, here's a breakdown of how the plugins work:
- hapi-server-session:
- Looks for a session id cookie and, if found, tries to load the session from Hapi's cache
- The cached session is set as the primary session and then cloned to a secondary session
- Before the request is served, the primary session and secondary session are compared for differences. If no difference is found, the primary session is sent and storing it to the cache is skipped. If a difference is found, then the primary session is saved to the cache
- hapi-easy-session:
- Looks for a session id cookie and, if found, tries to load the session from Hapi's cache
- The cached session is set as the only session instance
- Before the request is seved, the session is stored to the cache
It's a pick your poison situation: either use hapi-server-session and incur at least twice the memory usage per session object but skip some saves to the cache, or use hapi-easy-session use a bit less memory and issue a cache store operation on every request.
Install
$ npm install --save hapi-easy-session
Example:
'use strict'; const Hapi = ;const server = ; server; const sessionPluginOptions = cache: segment: 'unique-cache-sement' cookie: isSecure: false key: 'super-secret-cookie-encryption-key'; server; server; serverstart;
Options
// name for the session id cookie sent to the client name: 'easySession' // the algorithm to use when encrypting the session id cookie algorithm: 'sha256' // secret key for cookie encryption, default: `undefined` key: 'string' // number of random bytes to use for session id size: 16 // time when the cookie will expire, in milliseconds // e.g. `Date.now() + (86400 * 1000)` // must set the `key` option if this is set expiresIn: undefined // http://hapijs.com/api#servercacheoptions cache: segment: 'easySession' // how long entries will live in the cache (milliseconds), // default: 2147483647 (~24 days) expiresIn: 60000 // http://hapijs.com/api#serverstatename-options cookie: isSecure: true isHttpOnly: true // An array of regular expressions or strings to match. // The matches will tested against `request.url.path`. If any of the // matches succeed, session processing will not be performed. ignorePaths: // An instance of a logger that supports the Log4j interface. The plugin // logs everything at the `trace` level. The Pino logger is the recommended // logger: https://npm.im/pino logger: {}