Permalink
Browse files

adding support for configurable session cookie parameters for express

  • Loading branch information...
lirantal committed Jun 5, 2014
1 parent ab52c14 commit 532dea922c95403c97be317b8f4fc48d76c9008d
Showing with 22 additions and 2 deletions.
  1. +19 −1 server/config/env/all.js
  2. +3 −1 server/config/express.js
View
@@ -13,6 +13,24 @@ module.exports = {
// The secret should be set to a non-guessable string that
// is used to compute a session hash
sessionSecret: 'MEAN',
// The name of the MongoDB collection to store sessions in
sessionCollection: 'sessions'
sessionCollection: 'sessions',
// The session cookie settings
sessionCookie: {
path: '/',
httpOnly: true,
// If secure is set to true then it will cause the cookie to be set
// only when SSL-enabled (HTTPS) is used, and otherwise it won't
// set a cookie. 'true' is recommended yet it requires the above
// mentioned pre-requisite.
secure: false,
// Only set the maxAge to null if the cookie shouldn't be expired
// at all. The cookie will expunge when the browser is closed.
maxAge: null
},
// The session cookie name
sessionName: 'connect.sid'
};
View
@@ -89,7 +89,9 @@ module.exports = function(app, passport, db) {
store: new mongoStore({
db: db.connection.db,
collection: config.sessionCollection
})
}),
cookie: config.sessionCookie,
name: config.sessionName
}));
// Dynamic helpers

0 comments on commit 532dea9

Please sign in to comment.