Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Preserving session between node.js server reboots

Tags:

node.js

I'm developing a node.js app and I use nodemon to run it. My question is how I do to keep the session open when I make a change in the server, and nodemon reboot.

like image 790
David Luque Avatar asked Apr 29 '15 15:04

David Luque


People also ask

How do I stop a node server from restarting?

If it's just running (not a daemon) then just use Ctrl-C . Where PID is replaced by the number in the output of ps . You could also use "killall -2 node", which has the same effect. Don't want/need to kill all node processes.

How session is maintained in node JS?

This cookie will contain the session's unique id stored on the server, which will now be stored on the client. This cookie will be sent on every request to the server. We use this session ID and look up the session saved in the database or the session store to maintain a one-to-one match between a session and a cookie.


Video Answer


1 Answers

This answer assumes that you're using Express or Koa, two of the more popular node.js web frameworks.

In your application, you probably have a line that says the following.

Express 4

var app = require( 'express' )()
var session = require( 'express-session' )
app.use( session() ) // this is the session middleware

KoaJS

var app = require( 'koa' )()
var session = require( 'koa-session' )
app.use( session() ) // this is the session middleware

The guiding wisdom in web applications is to make the world-facing side of it as stateless as possible. This means that your node.js server holds no information between requests and can be destroyed and restarted anytime.

A session is a very stateful thing. Because of this, you need to store session data in something designed to keep the data uncorrupted in the long run. This is most commonly done through a database (more secure) or a browser cookie (less secure).

The express-session module holds session information in memory by default. This violates the stateless ideals and will lose session information on reboot.

The koa-session module uses cookies by default. This is stateless, but raises some security concerns in that it may be possible for users to modify their own session variables, so don't use this for billing or other sensitive operations.

In both of the above modules, you can override the defaults with your own session store.

Redis Session Store

I normally store session data in a database like redis.

Express

This can be easily wired into express with a module like connect-redis.

Quoting from the Readme:

var session = require('express-session');
var RedisStore = require('connect-redis')(session);

app.use(session({
    store: new RedisStore(options),
    secret: 'keyboard cat'
}));

KoaJS

Using redis to store session data is also possible in koa with the koa-redis module. Paraphrasing from the Readme:

var app require('koa')();
var session = require('koa-generic-session');
var redisStore = require('koa-redis');

app.keys = ['keys', 'keykeys'];

app.use(session({
  store: redisStore()
}));

app.use(function *() {
  this.session.name = 'koa-redis';
});

No Databases Session Store

Express

Express can store session data in cookies with the cookie-session extension.

Koa

As mentioned before, the koa-session module stores sessions in cookies by default.

like image 127
JoshWillik Avatar answered Sep 27 '22 18:09

JoshWillik