When to use saveUninitialized and resave in express-session ?
I'm newbie for Mern stack and am trying to implement session management. where I came across "express-session", I found a common syntax
app.use(session({
secret: 'your-secret-key',
resave: false,
saveUninitialized: true
}));
when we have to use resave and saveUninitialized. What its main purpose in session management and in resave where the session-datas will be stored?
When you receive a HTTP request and assume that request doesn't contain a session cookie, a new session will be created by express-session.
You might experience one of the following cases:
Uninitialised = false Creates an empty session object, it is called uninitialised state. At the end of request this session object will not be stored in your session store.Choosing false is useful for implementing login sessions, reducing server storage usage.
Uninitialised = true
It means that Your session will be stored into your store every time for request even it was empty.
resave = true
Forces the session to be saved back to the session store, even if the session was never modified during the request but it can also create race conditions where a client makes two parallel requests to your server and changes made to the session in one request may get overwritten when the other request ends, even if it made no changes.
resave = false It will not rewrite the req.session.cookie object. The initial req.session.cookie remains as it is.
The default value of both resave and saveUninitialized is true, but using the default is deprecated. So it entirely depends on the session store that you're using if you need to enable this option or not.