Closed jonathanong closed 7 years ago
doesn't matter anymore because crypto.randomBytes()
has no benefits of being called async
may matter in regards to #9 if someone knows of session middleware that is async
@jonathanong I don't see any reason to make this change. Cool if I close?
@stephenmathieson agreed!
unlike express, we create the secret only when we need to to avoid setting cookies and updating sessions unnecessarily. however, this means with a getter, we do so synchronously.
how about changing the api to:
and optionally get it synchronously:
another breaking change, but i think it's for the better. unless we make the dev set the secret themselves, which would be kind of annoying.