Session middleware for toa, inspired by generic-session.
use as middleware:
const Toa = require('toa')
const session = require('toa-session')()
const app = new Toa()
app.use(function () {
if (this.path === '/favicon.ico') return
if (this.path === '/delete') this.session = null
else this.session.name = 'test'
this.body = {
path: this.path,
session: this.session,
sessionId: this.sessionId
}
})
app.use(session)
app.listen(3000)
use as module:
const Toa = require('toa')
const session = require('toa-session')()
const app = new Toa()(function *() {
if (this.path === '/favicon.ico') return
yield session
if (this.path === '/delete') this.session = null
else this.session.name = 'test'
this.body = {
path: this.path,
session: this.session,
sessionId: this.sessionId
}
})
app.listen(3000)
- After adding session middleware, you can use
this.session
to set or get the sessions. - Setting
this.session = null;
will destroy this session.
npm install toa-session
const session = require('toa-session');
-
options.key
:String
, cookie name, default totoa.sid
. -
options.store
:object
, session store instance. -
options.ttl
:Number
, store ttl inms
, default to24 * 60 * 60 * 1000
. -
options.prefix
:String
, session prefix for store, default totoa:sess:
. -
options.cookie
:Object
, session cookie settings. -
options.rolling
:Boolean
, rolling session, always reset the cookie and sessions, default tofalse
. -
options.sidSize
:Number
, random bytes's length to generate sid, sid included timestamp hash and CRC bytes, so it's length is long than sidSize, default to24
. -
options.genSid
:Function
, you can use your own generator for sid, default to./lib/sid.js
. -
Store can be any Object that has the methods
set
,get
,destroy
like memoryStore. -
cookie defaulting to
const defaultCookie = {
httpOnly: true,
path: '/',
overwrite: true,
signed: true,
maxAge: 24 * 60 * 60 * 1000 // ms
};
You can use any other store to replace the default MemoryStore, it just needs to follow this api:
get(sid)
: get session object by sidset(sid, session, ttl)
: set session object for sid, with a ttl (in ms)destroy(sid)
: destory session for sid
the api needs to return a Promise, Thunk or generator.
And use these events to report the store's status.
connect
disconnect
(The MIT License)