Setting rolling to true does not refresh expiration

pixelmund / svelte-kit-cookie-session

⚒️ Encrypted "stateless" cookie sessions for SvelteKit

MIT License

182 stars 11 forks source link

Setting rolling to true does not refresh expiration #30

Closed andrepimpao closed 2 years ago

andrepimpao commented 2 years ago

It seems that setting rolling to true does not refresh the expiration date. When using session.refresh() it seems to work fine.

From what I can tell, this condition always fails because sessionData is always undefined:

if (userOptions?.rolling && !sessionState.invalidDate && sessionData) {
  session.refresh();
}

pixelmund commented 2 years ago

You're right haven't tested it in a while and should write a test for it. I generally recommend not to use rolling since it will generate and set the cookie with every request which might cause overhead. Another idea would be to give the option to refresh the session If a certain percentage of the expiry is met and remove the rolling option.

andrepimpao commented 2 years ago

That actually seems like a great idea. Maybe instead of removing, just give the possibility to set a percentage value like:

false never refreshes
true always refreshes
[0-100]% refreshes when a percentage of the expiration date is met

pixelmund commented 2 years ago

This is now available in v2.1.3 https://github.com/pixelmund/svelte-kit-cookie-session/commit/eaa0274cb6fbf876b67ff79bfc8fc79536cb0ef0