Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Connect session middleware - regenerate vs reload

Tags:

node.js

express

connect

I am trying to get a hang of Connect's Session middleware, and I would like to know the difference between: Session.regenerate() vs Session.reload().

Specifically, I checked the docs, and no explanation was given about what session reload actually does. Similarly, I am also confused about Session.save() method. Any help greatly appreciated!

like image 289
jeffreyveon Avatar asked May 17 '11 16:05

jeffreyveon

People also ask

What is session in middleware?

The session middleware handles all things for us, i.e., creating the session, setting the session cookie and creating the session object in req object. Whenever we make a request from the same client again, we will have their session information stored with us (given that the server was not restarted).

Why did we use express sessions?

It helps in saving the data in the key-value form. In this module, the session data is not saved in the cookie itself, just the session ID. Installation of express-session module: You can visit the link Install express-session module.

How Express sessions work?

By default, express-session creates a new MemoryStore instance for storing session data in server. However, in production, it is not recommended to use the default memory store, as mentioned in the official documentation. We should use other modules, such as connect-redis , a Redis-based session store.

Is Express session safe?

It contains only an encrypted ID that is used by the server to identify which session object corresponds with that user. Session data is then only available on the server itself which further insulates it from some types of attacks.

1 Answers

Comparing the source code for the 2 functions:

store.js

Store.prototype.regenerate = function(req, fn){
  var self = this;
  this.destroy(req.sessionID, function(err){
    self.generate(req);
    fn(err);
  });
};

and

session.js

defineMethod(Session.prototype, 'reload', function reload(fn) {
  var req = this.req
    , store = this.req.sessionStore;
  store.get(this.id, function(err, sess){
    if (err) return fn(err);
    if (!sess) return fn(new Error('failed to load session'));
    store.createSession(req, sess);
    fn();
  });
  return this;
});

I read it as "get the session if it exists or create one" vs "destroy the previous and give me a new one".

like image 171
jcolebrand Avatar answered Oct 19 '22 03:10

jcolebrand
Sign in to Comment

Related questions

Change value of createdAt in Sequelize?
Getting the client request domain from Lambda@Edge function
What purpose do &&=, ||= and ??= serve?
Upload to S3 using multer without a middleware function
Optimize async queries nodeJs
Docker-compose on Vite
Hey can you help me out . my 'url.parse' is deprecated
why doesn't NodeJS support String.prototype.replaceAll?
Error: No version of chokidar is available. Tried chokidar@2 and chokidar@3. after upgrading npm to 7.*.*
Borsh Serialization fails in React Application
TypeError: match.loader.options.plugins is not a function
Node.js provide an efficiency in doing nothing?
CWD of an Node.js application started with upstart (Ubuntu)
Cancel a file download/request on node.js http.Client based on file size
Is it possible to add multiple <%- %> statements to a node.js ejs layout
Node.js + Oracle 9i Database
socket with node js example
Node js - Creating persistent private chat rooms
How to get the results from nodejs using mysql package?
node.js Buffer data decode

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!