search

koajs / generic-session

koa session store with memory, redis or others.
MIT License
414 stars 65 forks source link

Should we include the cookie object in the session data we store? #48

Closed multimeric closed 8 years ago

multimeric commented 9 years ago

I'm the person who made the PostgreSQL implementation for this library, and I'm just interested if I'm supposed to be storing the cookie object in the session data. At the moment I am, and it's working fine, but it might be somewhat redundant? So in the database table that my module generates, I have this:

{
   "cookie":{
      "httpOnly":true,
      "path":"/",
      "overwrite":true,
      "signed":true,
      "maxage":86400000
   },
   "logged_in":true,
   "user_id":"6",
   "username":"TMiguelT",
   "email":"ttmigueltt@gmail.com"
}

Obviously the keys like logged_in and user_id are my own session properties, but the cookie object is included as well. This is because I simply serialize the whole session object, which contains cookie, but I'm not sure if I should filter it out. Thoughts?

dead-horse commented 8 years ago

yep, you should store the whole session object include cookie

multimeric commented 8 years ago

Fantastic, my implementation is working fine in that case!