Comments (10)
hm. so there is a lot going on here. can you try adding the option overwrite: true
to the options for this module and see if that fixes your issue?
from cookie-session.
also, noob question, cookieParser should have the same secret as cookie-session right?
also to answer you, overwrite: true is on by default. I only use 3 options, name, secret, secureProxy
basically i just want to updated the maxAge of my session cookies base on some condition
from cookie-session.
cookieParser should have the same secret as cookie-session right?
this module does not require cookieParser at all and so it doesn't matter what your cookieParser is configured with. this module will directly read req.headers.cookie
for you.
also to answer you, overwrite: true is on by default
indeed, it is
basically i just want to updated the maxAge of my session cookies base on some condition
can you show me how you are going about this with code? i don't think this is supported in this module, which may be why you are having issues.
from cookie-session.
well I was literally just overwriting the session cookie but I guess that is why you made the .sig session cookie haha (to prevent this)
you say in your docs that other options are passed to cookies.get() and cookies.set(). I tried adding maxAge: 604800000 (7 days) into the cookie-session options and my session cookies' expiry is still session.
from cookie-session.
well I was literally just overwriting the session cookie but I guess that is why you made the .sig session cookie haha (to prevent this)
um, the reason is so you can get the cookie value directly without checking the signature if you wanted, not to prevent you from changing the expiration.
maxAge: 604800000
the correct spelling for the latest version of this module (which uses an older version of cookie) is actually maxage
(no capital A).
from cookie-session.
ok so can I dynamically change my maxage
based on on a condition after initializing cookie-session with some options?
app.use(cookieSession({
secret: 'secret',
secureProxy: true
}));
then later on
if(req.body.rememberme){
// make session cookie expire in 7days
} else {
// make session cookie expire on session
}
from cookie-session.
it's not possible, that's what i'm saying. basically, you're making a feature request right now :) also, using sessions isn't the way a "remember me" function works--it doesn't keep you logged in for longer, it just sets another secondary cookie with like you username in it.
anyway, no, it's not possible to do that with this module, but a PR implementing this is always welcome
from cookie-session.
ok thank you for spending your time explaining this!
i guess that is why you called it "cookie-session", doh.
I completely understand everything you are saying!
from cookie-session.
using sessions isn't the way a "remember me" function works--it doesn't keep you logged in for longer, it just sets another secondary cookie with like you username in it.
Not quite sure about that. If you take the example of Gmail, it will log you in again when you open the browser next time.
It doesn't say "Remember me" but instead it says "Stay signed in" but I think @yawhide was referring to this last option.
I also expected to find some similar behavior in this component so we could change the maxAge
or set it for the 1st time dynamically in an attempt to create the "Stay signed in" feature.
from cookie-session.
Would it be possible to do something along these lines?
app.use(function(req, res, next) {
var options = {
httpOnly: true,
secure: false,
secureProxy: true,
keys: ['key1', 'key2']
};
if (typeof req.session !== 'undefined' && req.session.staySignedIn !== 'undefined') {
options.maxAge = 30 * 24 * 60 * 60 * 1000; // 30 days
}
return cookieSession(options)(req, res, next);
});
from cookie-session.
Related Issues (20)
- Cookies aren't sent if secure flag set previously HOT 7
- Session does not get stored if keys is not an array HOT 3
- What am I doing wrong? [question] HOT 1
- Clearing session does not remove cookies HOT 8
- Generating unique session.sig after logout/login HOT 3
- Use cookie-session as non middleware HOT 2
- Not working with axios (chrome) but working with Postman HOT 10
- Document: Ambiguity in Signature Documentation HOT 4
- sameSite no longer defaults to 'None' when undefined HOT 4
- session cookie value is exceedingly long and fails Set-Cookie with invalid syntax HOT 2
- secureProxy option to be able to use with non-Express servers behind SSL proxy HOT 1
- Suggestion: a custom name instead of req.session HOT 2
- Update dependency from [email protected] to [email protected] HOT 3
- Is there a risk when someone modifies the userId in the cookie? HOT 2
- Session cookie not sent over from server when using Firefox HOT 4
- Problem using with passport 0.6.0: session.regenerate is not a function HOT 7
- flag Priority=High
- encrypt cookies
- The link to a list of browser cookie limits is dead
- Larger cookies with compression
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cookie-session.