-
Notifications
You must be signed in to change notification settings - Fork 1
/
package.json
45 lines (45 loc) · 5.84 KB
/
package.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
{
"name": "express-session",
"version": "1.0.4",
"author": {
"name": "TJ Holowaychuk",
"email": "tj@vision-media.ca",
"url": "http://tjholowaychuk.com"
},
"main": "./index.js",
"repository": {
"type": "git",
"url": "git://github.com/expressjs/session.git"
},
"dependencies": {
"utils-merge": "1.0.0",
"cookie": "0.1.2",
"cookie-signature": "1.0.3",
"uid2": "0.0.3",
"buffer-crc32": "0.2.1",
"debug": "0.8.1"
},
"devDependencies": {
"mocha": "~1.17.0",
"express": "4.0.0",
"supertest": "0.9.0",
"should": "3.1.2",
"cookie-parser": "1.0.1"
},
"scripts": {
"test": "mocha --bail --ui bdd --reporter list -- test/*.js"
},
"engines": {
"node": ">= 0.8.0"
},
"license": "MIT",
"readme": "THIS REPOSITORY NEEDS A MAINTAINER. IF YOU'RE INTERESTED IN MAINTAINING THIS REPOSITORY, PLEASE LET US KNOW!\n\n# express-session [![Build Status](https://travis-ci.org/expressjs/session.svg)](https://travis-ci.org/expressjs/session) [![NPM version](https://badge.fury.io/js/session.svg)](http://badge.fury.io/js/session)\n\n## API\n\n```js\nvar express = require('express')\n , cookieParser = require('cookie-parser')\n , session = require('express-session')\n , app = express()\n\napp.use(cookieParser()) // required before session.\napp.use(session({ secret: 'keyboard cat', key: 'sid', cookie: { secure: true }}))\n```\n\n\n### session(options)\n\nSetup session store with the given `options`.\n\nSession data is _not_ saved in the cookie itself, however\ncookies are used, so we must use the [cookie-parser](https://github.com/expressjs/cookie-parser)\nmiddleware _before_ `session()`.\n\n#### Options\n\n - `key` - cookie name defaulting to `connect.sid`.\n - `store` - session store instance.\n - `secret` - session cookie is signed with this secret to prevent tampering.\n - `proxy` - trust the reverse proxy when setting secure cookies (via \"x-forwarded-proto\").\n - `cookie` - session cookie settings, defaulting to `{ path: '/', httpOnly: true, secure: false, maxAge: null }`\n\n\n#### Cookie options\n\nPlease note that `secure: true` is a **recommended** option. However, it requires an https-enabled website, i.e., HTTPS is necessary for secure cookies.\nIf for development or other reasons security is not a concern, just use:\n\n```\napp.use(connect.cookieParser())\napp.use(connect.session({ secret: 'keyboard cat', key: 'sid' }))\n```\n\nBy default `cookie.maxAge` is `null`, meaning no \"expires\" parameter is set\nso the cookie becomes a browser-session cookie. When the user closes the\nbrowser the cookie (and session) will be removed.\n\n### req.session\n\nTo store or access session data, simply use the request property `req.session`,\nwhich is (generally) serialized as JSON by the store, so nested objects\nare typically fine. For example below is a user-specific view counter:\n\n```js\napp.use(cookieParser())\napp.use(session({ secret: 'keyboard cat', cookie: { maxAge: 60000 }}))\n\napp.use(function(req, res, next) {\n var sess = req.session\n if (sess.views) {\n sess.views++\n res.setHeader('Content-Type', 'text/html')\n res.write('<p>views: ' + sess.views + '</p>')\n res.write('<p>expires in: ' + (sess.cookie.maxAge / 1000) + 's</p>')\n res.end()\n } else {\n sess.views = 1\n res.end('welcome to the session demo. refresh!')\n }\n})\n```\n\n#### Session.regenerate()\n\nTo regenerate the session simply invoke the method, once complete\na new SID and `Session` instance will be initialized at `req.session`.\n\n```js\nreq.session.regenerate(function(err) {\n // will have a new session here\n})\n```\n\n#### Session.destroy()\n\nDestroys the session, removing `req.session`, will be re-generated next request.\n\n```js\nreq.session.destroy(function(err) {\n // cannot access session here\n})\n```\n\n#### Session.reload()\n\nReloads the session data.\n\n```js\nreq.session.reload(function(err) {\n // session updated\n})\n```\n\n#### Session.save()\n\n```js\nreq.session.save(function(err) {\n // session saved\n})\n```\n\n#### Session.touch()\n\nUpdates the `.maxAge` property. Typically this is\nnot necessary to call, as the session middleware does this for you.\n\n### req.session.cookie\n\nEach session has a unique cookie object accompany it. This allows\nyou to alter the session cookie per visitor. For example we can\nset `req.session.cookie.expires` to `false` to enable the cookie\nto remain for only the duration of the user-agent.\n\n#### Cookie.maxAge\n\nAlternatively `req.session.cookie.maxAge` will return the time\nremaining in milliseconds, which we may also re-assign a new value\nto adjust the `.expires` property appropriately. The following\nare essentially equivalent\n\n```js\nvar hour = 3600000\nreq.session.cookie.expires = new Date(Date.now() + hour)\nreq.session.cookie.maxAge = hour\n```\n\nFor example when `maxAge` is set to `60000` (one minute), and 30 seconds\nhas elapsed it will return `30000` until the current request has completed,\nat which time `req.session.touch()` is called to reset `req.session.maxAge`\nto its original value.\n\n```js\nreq.session.cookie.maxAge // => 30000\n```\n\n## Session Store Implementation\n\nEvery session store _must_ implement the following methods\n\n - `.get(sid, callback)`\n - `.set(sid, session, callback)`\n - `.destroy(sid, callback)`\n\nRecommended methods include, but are not limited to:\n\n - `.length(callback)`\n - `.clear(callback)`\n\nFor an example implementation view the [connect-redis](http://github.com/visionmedia/connect-redis) repo.\n",
"readmeFilename": "README.md",
"description": "THIS REPOSITORY NEEDS A MAINTAINER. IF YOU'RE INTERESTED IN MAINTAINING THIS REPOSITORY, PLEASE LET US KNOW!",
"bugs": {
"url": "https://github.com/expressjs/session/issues"
},
"homepage": "https://github.com/expressjs/session",
"_id": "express-session@1.0.4",
"_from": "express-session@1.0.4"
}