node.jsexpressgeddystateless-session

NodeJS - Framework for stateless sessions?


Is there a framework to support fully client-managed sessions? In other words, instead of storing just the signed pid in the cookie (as Express does), store all context... so that you can manage state across clusters without the requirement to persist.


Solution

  • There is express middleware which supports this:

    https://github.com/expressjs/cookie-session

    cookieSession()

    Provides cookie-based sessions, and populates req.session. This middleware takes the following options:

    Middleware:

    var cookieSession = require('cookie-session')
    ...
    app.use(cookieSession({
        name: "my_session_cookie",
        secret: "dont_tell_anybody_the_secret_and_change_it_often",
        options: { ... }
    ));
    
    app.use((req, res, next) => {
        // set options on req.session before your response goes out
        req.session.viewCount = (req.session.viewCount || 0) + 1;
        res.end(`You viewed the page ${req.session.viewCount} times.`);
    });
    

    To clear a cookie simply assign the session to null before responding:

    req.session = null