Why don't mongodb session MongoStore's go away after session ends?

Even with

app.use(express.session({
    secret: conf.secret,
    maxAge: new Date(Date.now() + 360000),
    expires: new Date(Date.now() + 360000), // I've tried both separately
    store: new MongoStore(conf.db),
}));

The sessions in MongoDB stay forever (as far as I have tested).

Are the session stores in MongoDB supposed to just stay there even after the session ends?
Because even with the maxAge or expires in the session declaration, in MongoDB, all the sessions look like this:

{ "_id" : "FU8k3kEzquG/hoSD308H5XHa", "session" : "{\"cookie\":{\"originalMaxAge\":null,\"expires\":null,\"httpOnly\":true,\"path\":\"/\"}}" }

Also, in most of my _id's there is some type of non-number/letter character, i.e. /, +, etc. Are they supposed to be like that?

Every time I re-open my browser, a new session is created, but the old one is still there in MongoDB. I just want to know if there is a fix to this, or if this is intentional.

Thanks, Brandon

btru asked Aug 16 '12 00:08

1 Answer

Are the session stores in MongoDB supposed to just stay there even after the session ends?

This is the expected behaviour if your browser's cookie expires but the session information has been saved in a persistent backend data store like MongoDB. The two data stores (backend versus browser-based cookie) can have different expiries.

Assuming you are using connect-mongodb to persist the sessions, the default reapInterval should trigger removal of expired sessions every 60 seconds.

Since your session expiry is set to "null", these sessions would never expire. The session expiry should be the same as the cookie expires value, so if it's not being set you probably need to do a bit of debugging to track down the issue.

It's possible that these are old sessions saved before you tried setting the maxAge; I would check if new sessions are setting expires as you'd expect. If so, you may need to manually delete some of the older non-expiring sessions.

Also, in most of my _id's there is some type of non-number/letter character, i.e. /, +, etc. Are they supposed to be like that?

Yes, Express sessionIDs are 24-character long alphanumeric strings.

Stennie answered Sep 25 '22 02:09
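
As an added example (not part of the original question or answer), the following JavaScript audits session documents in the stored shape shown in the question and sorts them into never-expiring, expired, active and malformed, which is the check the answer suggests before manually deleting old sessions. The function names and every sample document except the first are constructed for illustration.

```javascript
// Added example: audit session documents stored as { _id, session: "<JSON string>" },
// the shape shown in the question. Function names are hypothetical.

// Classify one stored session document against a reference time (ms since epoch).
function classifySession(doc, now) {
  let parsed;
  try {
    parsed = JSON.parse(doc.session);
  } catch (err) {
    return 'malformed'; // payload is not valid JSON: review by hand
  }
  const cookie = parsed && parsed.cookie;
  if (!cookie || typeof cookie !== 'object') return 'malformed';
  // A null expiry is what the question's documents contain: nothing to reap on.
  if (cookie.expires === null || cookie.expires === undefined) return 'never-expires';
  const t = Date.parse(cookie.expires);
  if (Number.isNaN(t)) return 'malformed';
  return t <= now ? 'expired' : 'active';
}

// Group session ids by classification so stale entries can be reviewed and deleted.
function auditSessions(docs, now) {
  const report = { 'never-expires': [], expired: [], active: [], malformed: [] };
  for (const doc of docs) report[classifySession(doc, now)].push(doc._id);
  return report;
}

// Constructed sample data; the first entry is the document quoted in the question.
const NOW = Date.parse('2012-08-16T00:10:00.000Z');
const sampleDocs = [
  { _id: 'FU8k3kEzquG/hoSD308H5XHa',
    session: '{"cookie":{"originalMaxAge":null,"expires":null,"httpOnly":true,"path":"/"}}' },
  { _id: 'constructed-expired',
    session: '{"cookie":{"originalMaxAge":360000,"expires":"2012-08-16T00:06:00.000Z","httpOnly":true,"path":"/"}}' },
  { _id: 'constructed-active',
    session: '{"cookie":{"originalMaxAge":360000,"expires":"2012-08-16T00:14:00.000Z","httpOnly":true,"path":"/"}}' },
  { _id: 'constructed-broken', session: '{"cookie":' },
];

console.log(auditSessions(sampleDocs, NOW));
```

Sessions in the `never-expires` bucket are the ones the answer describes as never expiring, so their IDs remain in the store until they are deleted by hand. In Connect's session middleware the cookie lifetime is read from the `cookie` option (for example `cookie: { maxAge: 360000 }`), so it is worth confirming that new sessions land in `active` after any configuration change.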