-
-
Notifications
You must be signed in to change notification settings - Fork 250
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Examples of multiple session cookies #317
Comments
@atonyba did you have any luck getting this working? I too have a use case for this too, and came here looking for information on whether it is supported/possible. |
@atonyba There's no support currently for going over 4k. I'd say that your best option is not to store token + refresh token in the cookie itself but rather only use the cookie to identify the person (id) and then get the token via a regular API call (on your side, like /user) and cache this route in memory + expiration (if you're dealing with an SPA), or cache it via HTTP headers for like 10 minutes. The advantage of this is that you can control on your side the data and invalidate it when you want. PS: Not sure why you're storing tokens inside the cookie itself, is your token used for an external API afterward? About allowing multiple instances of next-iron-session, that's a good idea but we would have to allow naming the req.session property (like req.session2..) or better: require people to call a method to get the session object instead of extending req. @asciant can you tell us more about your usecase? |
Not in scope of the library |
Awesome project, nicely done!
For those that work with auth tokens, the 4k size limit on a cookie is a challenge. After storing a token and refresh token, there isn't sufficient room left over for storing much else. Given that the session options includes a required parameter of cookieName, I assume that there is a way to channel session storage to different cookies.
I'm using an Express site, registering the middleware in the www.js. When I try to employ a second middleware registration with a different cookieName, Express doesn't seem to like this. In my routes file, creating another reference to next-iron-session to register a different cookie name doesn't seem to create a second cookie in the response.
Do you have any examples of how to use multiple cookies to overcome the 4k size limit? Is this even something that is supported?
Many thanks!
The text was updated successfully, but these errors were encountered: