keystonejs / keystone-classic

Node.js CMS and web app framework
http://v4.keystonejs.com
MIT License
14.63k stars 2.21k forks source link

Enable mongo / redis for session management #41

Closed JedWatson closed 10 years ago

JedWatson commented 11 years ago

Keystone currently defaults to the in-memory datastore for the Session Express Middleware, which shouldn't be used in production.

There's a writeup on how to use redis or mongo for session management here: http://blog.modulus.io/nodejs-and-express-sessions

thestephenmarshall commented 10 years ago

Just did this a few days ago at work. I'll be sure to provide an example for web.js.

https://github.com/thatjsguy/keystone/tree/issues/41/session_mongo_redis

JedWatson commented 10 years ago

Looks great, thanks! I'll put it into master.

thestephenmarshall commented 10 years ago

Example for connect-mongo:

'session_handler': {
  'pkg': 'connect-mongo',
  'url': mongo_url,
  'secret': secret
}
kevinian commented 10 years ago

Hello JedWatson,

have you put this change into the master? I need this enhancement as well

Best regards, Kevin

bufke commented 10 years ago

thatjsguy's changes work for me. Hope to see this in master soon :)

JedWatson commented 10 years ago

:+1: working on it now.

JedWatson commented 10 years ago

This just went live with 0.2.19.

Set 'session store': 'mongo' in your keystone options to enable connect-mongo.

It will use the same database specified in your environment variables or the mongo setting, and the collection is called app_sessions. This could be customised with other options in the future, if anyone has a specific need for it.

coldfire22x commented 10 years ago

just tried using this with a ReplicaSet and am running into the following error:

error: Error setting TTL index on collection: app_sessions

will play more with this later when i have time, but preliminary guess is that the store is being initialized before the connection is ready to go.

coldfire22x commented 10 years ago

Hey Ryan,

It sounds like the server is closing the connection before your client is able to send whatever commands it has pending ... can you shoot me your keystone config, particularly the "mongo", "sessionStore", and "sessionStoreOptions" blocks ... OMIT the password though! ;)

And I'll see if I can spot anything ..

-Abe

On Tue, Oct 7, 2014 at 2:16 AM, Ryan Cole notifications@github.com wrote:

I might have something goofy going on, but when using the mongo session store as described here I get a crash with the error > Error: write after end

Looks like something is broken with connect-mongo?

BTW I love Keystone. So fun to make stuff with it. :)

— Reply to this email directly or view it on GitHub https://github.com/keystonejs/keystone/issues/41#issuecomment-58157495.

askdesigners commented 10 years ago

sorry! I had some janky code in there from a test case I had previously been working on. I had removed part of the test case, but was accidentally calling next() twice in an init block. It was my problem. Once I fixed it everything worked like a charm. :) Loving Keystone BTW. It feels a bit like Django, but LOOKS SO MUCH BETTER. Totally going to be my goto CMS for node.

kumo commented 9 years ago

I deployed a simple app to heroku using the button and it works, but when I add the line 'session store': 'mongo', the app gives me a "h20 app boot timeout" error and it doesn't start. Have I missed something?

JedWatson commented 9 years ago

Yes. You also need to add "connect-mongo": "~0.4.1" to your dependencies in package.json, we don't include it by default because I'm trying to cut down on the number of optional packages that are always installed by keystone.

This is more obvious when you're developing locally, because there's a useful warning logged to the console, but it's a bit obscure if you're just putting it straight up onto Heroku.

Since it's a good thing to add anyway, I'll add it to the source of the project that the Heroku button deploys :)

kumo commented 9 years ago

I had already added that but I wrote ^0.4.1 instead and connect-mongo appeared before keystone. I changed it to ~0.4.1 and placed it at the end and now it works. Strange, I am not sure if that is supposed to happen, but at least it works now! Thanks

morenoh149 commented 9 years ago

+1 ran into issues deploying keystone into production. Hopefully following this will resolve my issues.

yshuolu commented 9 years ago

@kumo I have encountered the same problem, and found out that may be caused by the latest connect-mongo version. The latest version of connect-mongo can not work together with keystone, that is why ^0.4.1 is inappropriate, which would upgrade to 0.7.0. While ~0.4.1 will keep the version with 0.4.x, which is fine with keystone.

sebmck commented 9 years ago

@Phineas-z See #924

JedWatson commented 9 years ago

Just to clear this up:

Keystone <= 0.2.40 would not work with connect-mongo >= 0.5.0

Keystone 0.2.41 introduced compatibility with connect-mongo >= 0.5.0 but unfortunately broke compatibility with connect-mongo <= 0.4.1

This was fixed in 0.2.42, it and future versions should be compatible with all versions of connect-mongo.

If you are experiencing problems with it please make sure you upgrade your keystone package, and if it's still broken please open a new issue with details.

Thanks!

JedWatson commented 9 years ago

Also to clear up misconceptions about ^ and ~

See the docs for semver

dedric17 commented 8 years ago

Hi, I'm currently configured to use mongo for my session store ('session store': 'mongo'), and it seems to work great. However, how can I set the session expiration time? I'm using the session store to track browsing history of non-logged in users in order to exclude content they've already seen. however, the session doesn't seem to expire. Is there a config I am missing?

morenoh149 commented 8 years ago

@dedric17 http://keystonejs.com/docs/configuration/#options-database see session store options

akarsh commented 7 years ago

@JedWatson the website link http://blog.modulus.io/nodejs-and-express-sessions is broken I tried searching on internetarchive. But, was not able to find it.