Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

koajs session - where is the session stored?

Tags:

session

koa

I am using this module for koajs sessions.

I checked the source code but I really cannot understand it. I am trying to know where it is saving the session data, because I see no files created, and when the server is restarted the session data is still there.

I got the feeling it is saving the data in the cookie itself, then I see it creates two cookies with scrambled text.

Now, is it encoding the data in the cookie itself (unsecure) or is it saving the data on the server in a manner I do not understand yet?

like image 900
john doe Avatar asked Apr 17 '15 06:04

john doe


1 Answers

According to this section of code in the koa-session library, the session data is encoded into JSON, then into base64, then attached to a cookie.

Session.prototype.save = function(){
  var ctx = this._ctx;
  var json = this.toJSON();
  var opts = ctx.sessionOptions;
  var key = ctx.sessionKey;
  // set expire into cookie value
  var maxAge = opts.maxAge || ONE_DAY;
  json._expire = maxAge + Date.now();
  json._maxAge = maxAge;
  json = encode(json);
  debug('save %s', json);
  ctx.cookies.set(key, json, opts); // <-- this is where the session is being saved
};
like image 61
JoshWillik Avatar answered Oct 03 '22 03:10

JoshWillik