Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
redis-rememberme
CoffeeScript JavaScript
Branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
lib
src
test
.gitignore
Cakefile
Readme.md
coverage.html
index.js
package.json

Readme.md

Redis Rememberme

This is connect middleware creating remember me functionality to sit alongside connect_redis. It uses the remember me method described here and detects whether the cookie has been stolen or not.

Installation

$ npm install redis-rememberme

You will also need to have connect-redis installed and configured (this piggy backs of its client connection)

Options

Are almost the same as the connect session middleware with the added redisStore

- `key` cookie name defaulting to connect.sid
- `redisStore` connect-redis instance
- `secret` session cookie is signed with this secret to prevent tampering
- `cookie` session cookie settings, defaulting to { path: '/', httpOnly: true, maxAge: null }
- `proxy` trust the reverse proxy when setting secure cookies (via "x-forwarded-proto")

Usage (with an express app)

var RedisStore = require('connect-redis')(express)
  , RememberMe = require('redis-rememberme');

// Do some setup for the RedisStore to give you redisStore
var rememberMeSettings = {
    cookie: {
      maxAge: 24*3600*1000 * 30 // 30 Days in ms
    },
    secret: 'secret,
    redisStore: redisStore,
    key: 'cookie-name'
};
app.use(new RememberMe(rememberMeSettings));

This will create some extra properties on the req and res object. To destroy the rememberme session simply call req.rememberme.destroy(). To check whether a cookie has been stolen test req.rememberme.stolen. To set a remember me cookie for a user simply add res.rememberme = {userid: '1234'} or whatever in your routes.

You can also listen to rememberMe.worker for the cleanup and cleaned events to determine when cleanup is about to and has happened.

For more details have a look at the tests...

Licence

MIT

Something went wrong with that request. Please try again.