Session lost on node restart

lzztt / koa-session-minimal

Minimal implementation of session middleware for Koa 2

MIT License

75 stars 13 forks source link

Session lost on node restart #1

Closed JD-Robbs closed 8 years ago

JD-Robbs commented 8 years ago

First of all: great session middleware - it works really well as a drop-in replacement for koa-generic-session. Thanks!

I am using this in conjunction with the redisStore and, whenever node restarts, the session is lost.

The secret option is a fixed string - so I'm not so sure why this is happening.

Just putting it out there in case it's not just me. 😄

lzztt commented 8 years ago

@JD-Robbs Thanks for the feedback!

I am thinking how to reproduce the session lost issue. I tested with node example/02_redis_store.js session data persists (in browser and redis store) after I restart node.

lzztt commented 8 years ago

The secret option is a fixed string

what secret option are you referring to?

JD-Robbs commented 8 years ago

Hi @longztian,

Thanks for pointing me to the example.

After trying it (and it working), I realised that I must've been doing something wrong.

app.use(session({
    secret: "some_static_secret",
    store: redisStore(),
    cookie: {
        path: '/',
        httpOnly: true,
        maxage: null,
        rewrite: true,
        signed: true
    }
}));

// app.use(session(app)); <-- This was the issue.

Thanks for your help!

P.S.: I assumed the session secret option is used to secure the session. But I just realised that app.keys is used in Koa.