Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is a good session store for a single-host Node.js production app?

Tags:

node.js

express

connect

I'm using Node's Express w/ Connect middleware. Connect's memory session store isn't fit for production:

Warning: connection.session() MemoryStore is not designed for a production environment, as it will leak memory, and obviously only work within a single process.

For larger deployments, mongo or redis makes sense.

But what is a good solution for a single-host app in production?

like image 996
Nils Avatar asked Jan 05 '12 21:01

Nils

People also ask

Where does node js store sessions?

On the other hand, the session data is stored on the server-side, i.e., a database or a session store. Hence, it can accommodate larger amounts of data. To access data from the server-side, a session is authenticated with a secret key or a session id that we get from the cookie on every request.

How do I handle multiple sessions in node JS?

Here, since sess is global, the session won't work for multiple users as the server will create the same session for all the users. This can be solved by using what is called a session store. We have to store every session in the store so that each one will belong to only a single user.

Does Nodejs have sessions?

Most frameworks use their own session management middleware. For example, express , the most popular server framework for Node. js, has the accompanying express-session for session management.

What is session handling in Node JS?

Session handling is a globally used concept, without which any website or app, regardless of whether it is written in Node.js, PHP or any other backend language, will be in a precarious condition. It enables the user information to be persistent in a ‘stateful’ manner across all the pages of that website or app.

How do I install session middleware in Node JS?

This is a Node.js module available through the npm registry. Installation is done using the npm install command: Create a session middleware with the given options. Note Session data is not saved in the cookie itself, just the session ID. Session data is stored server-side.

What is express sessionstore?

sessionstore A session store that works with various databases. tch-nedb-session A file system session store based on NeDB. A simple example using express-session to store page views for a user.

What happens when a user logs out of a node session?

Upon logging out, the session is destroyed and the user will be redirected to the home page, where he or she can log in again. Create a new folder and open a terminal in that directory. Note: Here, we are using the Windows command line tool. This creates the package.json file for building the Node project.

1 Answers

Spent the day looking into this. Here are the options I've discovered. Requests/second are performed via ab -n 100000 -c 1 http://127.0.0.1:9778/ on my local machine.

  • no sessions - fast (438 req/sec)
  • cookieSession: requires no external service, minor speed impact (311 req/sec) - fastest, sessions will expire with the cookie (customised by maxAge)
  • connect-redis: requires redis server, large speed impact (4 req/sec with redis2go and redisgreen) - faster than mongo, sessions will be deleted after a while (customised by ttl)
  • connect-mongo - requires mongodb server, large speed impact (2 req/sec with mongohq) - slower than redis, requires manual clear_interval to be set to cleanup sessions

Here is the coffeescript I used for cookieSession:

server.use express.cookieSession({     secret: appConfig.site.salt     cookie: maxAge: 1000*60*60 })

Here is the coffeescript I use for redis:

RedisSessionStore ?= require('connect-redis')(express) redisSessionStore ?= new RedisSessionStore(     host: appConfig.databaseRedis.host     port: appConfig.databaseRedis.port     db: appConfig.databaseRedis.username     pass: appConfig.databaseRedis.password     no_ready_check: true     ttl: 60*60  # hour ) server.use express.session({     secret: appConfig.site.salt     cookie: maxAge: 1000*60*60     store: redisSessionStore })

Here is my coffeescript for mongo:

server.use express.session({     secret: appConfig.site.salt     cookie:         maxAge: 100*60*60     store: new MongoSessionStore({         db: appConfig.database.name         host: appConfig.database.host         port: appConfig.database.port         username: appConfig.database.username         password: appConfig.database.password         auto_reconnect: appConfig.database.serverOptions.auto_reconnect         clear_interval: 60*60  # hour     }) })

Now of course, the remote redis and mongo databases will be slower than their local equivalents. I just couldn't get the local equivalents working, especially considering the installation and maintenance time for me was far more than what I was willing to invest when compared with hosted remote alternatives, something I feel is true for others too hence why these hosted remote database services exist in the first place!

For local database benhmarks, see @Mustafa's answer.

Happy for someone to edit this answer to add their local database benchmarks to the mix.

like image 154
balupton Avatar answered Oct 05 '22 08:10

balupton
Sign in to Comment

Related questions

configure node express to serve static bower_components?
Node.js - Get number of processors available
How to fix curl: (60) SSL certificate: Invalid certificate chain
NodeJS w/Express Error: Cannot GET /
MomentJS getting JavaScript Date in UTC
How can I solve "ReferenceError: expect is not defined" error message?
Make node.js not exit on error
How to update package-lock.json without doing npm install?
Why do we need, what advantages to use mongoose [closed]
Express.js get http method in controller
nodejs passport authentication token
Serve Static Files on a Dynamic Route using Express
NodeJS: bcrypt vs native crypto
Proxyquire, rewire, SandboxedModule, and Sinon: pros & cons
npm install the exact package version specified in package.json
Fix the upstream dependency conflict installing NPM packages
Verify if my node.js instance is dev or production
Node.js https pem error: routines:PEM_read_bio:no start line
How to set ObjectId as a data type in mongoose
How to ignore incompatible engine "node" error on installing npm dependencies with yarn?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!