Closed operatorjen closed 10 years ago
Hm, this would definitely be a change from previous behaviour.
Should this be a configurable option, as in your provide an array of keys you wish to preserve? Or maybe you provide an array of keys you want to delete? That'd be backwards compatible at least. What would make the most sense to you, as a developer? Would you ever want to only delete some session values?
I think the best way to solve this would be to add a custom logoutResponse that removes the session keys you want to remove
only req.session.email