Closed tubbo closed 5 years ago
With the :signed option passed into the Redis session store, you can now ensure that sessions will be set up in the browser using a signed/encrypted cookie. This prevents user tampering by changing their session ID or the data within the cookie.
:signed
Closes #21
@cjmao @exadeci this seems to work :)
With the
:signed
option passed into the Redis session store, you can now ensure that sessions will be set up in the browser using a signed/encrypted cookie. This prevents user tampering by changing their session ID or the data within the cookie.Closes #21