Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

originalMaxAge might get in negative number when set both maxAge and expires #365

Closed
jackycute opened this issue Sep 26, 2016 · 5 comments
Closed

originalMaxAge might get in negative number when set both maxAge and expires #365

jackycute opened this issue Sep 26, 2016 · 5 comments
Labels
docs question

Comments

@jackycute
Copy link

jackycute commented Sep 26, 2016
edited

Hi guys!
We've encounter an issue that cause session expired immediately after creation.
And we found the cause is the originalMaxAge is a negative number in the DB.

I set both maxAge and expries in the config like below:

app.use(session({
    name: config.sessionname,
    secret: config.sessionsecret,
    resave: false, //don't save session if unmodified
    saveUninitialized: true, //always create session to ensure the origin
    rolling: true, // reset maxAge on every response
    cookie: {
        maxAge: config.sessionlife,
        expires: new Date(Date.now() + config.sessionlife)
    },
    store: sessionStore
}));

the config.sessionlife is 14 * 24 * 60 * 60 * 1000
and I'm not sure if we setup correctly.

Thanks for helping us!
@jackycute
Copy link
Author

confirmed that remove expires in the config would solve this issue.

j6k4m8 added a commit to j6k4m8/hackmd that referenced this issue Sep 26, 2016
@j6k4m8
Remove expiry from cookies
937e982 
As per [this issue](expressjs/session#365)
@j6k4m8 j6k4m8 mentioned this issue Sep 26, 2016
Merged
@gabeio
Copy link
Member

gabeio commented Oct 20, 2016

From the docs it's suggested to use maxAge.

Note The expires option should not be set directly; instead only use the maxAge option.

And probably best to only use maxAge.

Note If both expires and maxAge are set in the options, then the last one defined in the object is what is used.

@jackycute
Copy link
Author

Oh I missed the first mention there.
Anyway I've changed to use maxAge now, everything works fine though.
Probably more specifically to say not set both them in docs?

@gabeio gabeio added the docs label Oct 20, 2016
@dougwilson
Copy link
Contributor

Probably more specifically to say not set both them in docs?

Yes, the docs say don't even set expires.

@jackycute
Copy link
Author

jackycute commented Oct 20, 2016
edited

True!
Well, I'm ok to close this issue.
Thanks @dougwilson @gabeio !

@gabeio gabeio closed this as completed Oct 20, 2016
@toshi0123 toshi0123 mentioned this issue Mar 5, 2019
Closed
pandy1988 pushed a commit to pandy1988/codimd that referenced this issue Sep 13, 2019
@j6k4m8
Remove expiry from cookies
8f0c59c 
As per [this issue](expressjs/session#365)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
docs question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dougwilson @gabeio @jackycute