lzztt / koa-session-minimal Goto Github PK
View Code? Open in Web Editor NEWMinimal implementation of session middleware for Koa 2
License: MIT License
Minimal implementation of session middleware for Koa 2
License: MIT License
deep-equal
is not only 2 orders of magnitude slower than fast-deep-equal
, but it's by far the biggest dependency tree limbs in the project containing polyfills that haven't been needed for browsers or Node since 2015 (and your package.json
denotes "node": ">= 14"
). At 38M weekly downloads, it is not a small project either. Swapping dependencies to fast-deep-equal
could save consumers kilobytes and reap a performance benefit. Transitive dependencies would go from 53 to 4.
any reason you provided a default for the 'secure' option? the cookies module dynamic default seems more intuitive than your hardcoding of false
ctx.sessionId is useful and necessary
First of all: great session middleware - it works really well as a drop-in replacement for koa-generic-session
. Thanks!
I am using this in conjunction with the redisStore and, whenever node restarts, the session is lost.
The secret
option is a fixed string - so I'm not so sure why this is happening.
Just putting it out there in case it's not just me. ๐
as koa-generic-session has this.sessionId
Hi, I'm trying to figure out if it'll be possible to implement some additional session validation mechanisms (to help guard against session hijacking). Currently, I don't see anywhere where ctx can be obtained by the session store from koa-session-minimal; this is something that'd be necessary for my purposes.
Is there any way that this could be implemented or hooked in? Possibly an optional Promise call for stores? A new option that takes a fn that returns a promise and gets passed the ctx and session?
Hey thanks for lib as koa-generic is a bit outdated, btw using this with Postgres is same with this lib + koa-pg-session? Or anything else recommended?
Also main question any possibilites for typescript 2 typings? Would be really awesome to use this with typescript
Some app may get session from request header rather than from cookie, so can support it?
i use it with koa-generic-session-mongo like this:
app.use(session({
cookie: {maxAge: 1000 * 60 * 60 * 24 * 30},//30 days
store: new MongoStore()
}))
when i set: ctx.session.user = user , the shell tell me:
(node:12780) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): TypeError: Cannot read property 'maxAge' of undefined
node version: 7.2.0
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.