toa-session
Session middleware for toa, inspired by generic-session.
toa
Demo
use as middleware:
const Toa = const session = const app = app appapp
use as module:
const Toa = const session = const app = { if thispath === '/favicon.ico' return session if thispath === '/delete' thissession = null else thissessionname = 'test' thisbody = path: thispath session: thissession sessionId: thissessionId } app
- After adding session middleware, you can use
this.session
to set or get the sessions. - Setting
this.session = null;
will destroy this session.
Installation
npm install toa-session
API
const session = ;
app.use(session([options]))
-
options.key
:String
, cookie name, default totoa.sid
. -
options.store
:object
, session store instance. -
options.ttl
:Number
, store ttl inms
, default to24 * 60 * 60 * 1000
. -
options.prefix
:String
, session prefix for store, default totoa:sess:
. -
options.cookie
:Object
, session cookie settings. -
options.rolling
:Boolean
, rolling session, always reset the cookie and sessions, default tofalse
. -
options.sidSize
:Number
, random bytes's length to generate sid, sid included timestamp hash and CRC bytes, so it's length is long than sidSize, default to24
. -
options.genSid
:Function
, you can use your own generator for sid, default to./lib/sid.js
. -
Store can be any Object that has the methods
set
,get
,destroy
like memoryStore. -
cookie defaulting to
const defaultCookie = httpOnly: true path: '/' overwrite: true signed: true maxAge: 24 * 60 * 60 * 1000 // ms;
Session Store
You can use any other store to replace the default MemoryStore, it just needs to follow this api:
get(sid)
: get session object by sidset(sid, session, ttl)
: set session object for sid, with a ttl (in ms)destroy(sid)
: destory session for sid
the api needs to return a Promise, Thunk or generator.
And use these events to report the store's status.
connect
disconnect
Licences
(The MIT License)