Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What's the difference between saveUninitialized and resave?

The session middleware for Express provides several configurable options.

resave: 'Forces the session to be saved back to the session store, even if the session was never modified during the request.'

saveUninitialized: 'Forces a session that is "uninitialized" to be saved to the store. A session is uninitialized when it is new but not modified.'

It appears that both options are for saving unmodified sessions. What's the difference?

like image 749
Cannoliopsida Avatar asked Jul 13 '15 14:07

Cannoliopsida


People also ask

What is resave and Saveuninitialized in Express session?

resave : It basically means that for every request to the server, it reset the session cookie. Even if the request was from the same user or browser and the session was never modified during the request.

What is secret in Express session?

Express-session options and how to use them secret - a random unique string key used to authenticate a session. It is stored in an environment variable and can't be exposed to the public. The key is usually long and randomly generated in a production environment. resave - takes a Boolean value.


2 Answers

I thought I would start off with a basic answer, my bit of understanding so far, and improve it together. Important question been 'dead' for too long.

From this I understand the difference is:

(Unmodified 'state' is different to uninitialized state)

resave: For any request made

  • Nothing in the session needs to change (no login etc).
  • Change of session required (logged in)

"Forces session to be saved even when unmodified"

saveUninitialized: Is about the state of the session, if its still in the uninitialized state.

  • Not modified only, nothing in the session needs to change (no login etc).

"Forces a session that is "uninitialized" to be saved to the store. A session is uninitialized when it is new but not modified."

like image 125
cfl Avatar answered Sep 20 '22 08:09

cfl


Basically, a session is saved in the store only when it is modified; if you add, delete or edit a session cookie (eg: req.session.test = 'some value'). If you want all the sessions to be saved in store, even if they don't have any modifications go with saveUninitialized: true.

Now, re-saving also happens only when session variables/cookies changes. If you want to save then always go ahead with resave: true

like image 21
sreesreenu Avatar answered Sep 20 '22 08:09

sreesreenu