admin管理员组文章数量:1304152
According to
var sessions = require("client-sessions");
app.use(sessions({
cookieName: 'mySession', // cookie name dictates the key name added to the request object
secret: 'blargadeeblargblarg', // should be a large unguessable string
duration: 24 * 60 * 60 * 1000, // how long the session will stay valid in ms
activeDuration: 1000 * 60 * 5 // if expiresIn < activeDuration, the session will be extended by activeDuration milliseconds
}));
I want my users' sessions to be active for a maximum of 30 days. If I set duration to 30 days and activeDuration to 30 days, I think I'll end up with 60 day long sessions.
If I set duration to 15 days and activeDuration to 15 days, won't a user who logs in and then does nothing at all be logged out in 15 days (not that I expect that kind of user behavior, but is my assumption correct?)
All I want is for every time a user es to the site to get 30 days before they need to re-login. How do I get that behavior?
According to https://github./mozilla/node-client-sessions#usage
var sessions = require("client-sessions");
app.use(sessions({
cookieName: 'mySession', // cookie name dictates the key name added to the request object
secret: 'blargadeeblargblarg', // should be a large unguessable string
duration: 24 * 60 * 60 * 1000, // how long the session will stay valid in ms
activeDuration: 1000 * 60 * 5 // if expiresIn < activeDuration, the session will be extended by activeDuration milliseconds
}));
I want my users' sessions to be active for a maximum of 30 days. If I set duration to 30 days and activeDuration to 30 days, I think I'll end up with 60 day long sessions.
If I set duration to 15 days and activeDuration to 15 days, won't a user who logs in and then does nothing at all be logged out in 15 days (not that I expect that kind of user behavior, but is my assumption correct?)
All I want is for every time a user es to the site to get 30 days before they need to re-login. How do I get that behavior?
Share Improve this question asked Aug 1, 2018 at 15:34 Glen PierceGlen Pierce 4,8415 gold badges36 silver badges53 bronze badges2 Answers
Reset to default 7 +25You can use express-session NPM to achieve your functionality:
Here is the code and reference links:
CODE:
let session = require('express-session')
let time = new Date(Date.now() + (30 * 86400 * 1000))
let app = express()
let sess = {
secret: 'keyboard_cat',
cookie: { maxAge: time }
}
if (app.get('env') === 'production') {
app.set('trust proxy', 1) // trust first proxy
sess.cookie.secure = true // serve secure cookies
}
app.use(session(sess))
app.use(session({
genid: function(req) {
return genuuid() // use UUIDs for session IDs
},
secret: 'keyboard cat'
}))
//call your route and do session things here
app.get('/', function(req, res, next) {
if (req.session.views) {
req.session.views++
res.setHeader('Content-Type', 'text/html')
res.write('<p>views: ' + req.session.views + '</p>')
res.write('<p>expires in: ' + (req.session.cookie.maxAge / 1000) + 's</p>')
res.end()
} else {
req.session.views = 1
res.end('wele to the session demo. refresh!')
}
})
For more refer this links:
NPM package
example
UPDATE 3:
I was thinking about an easier way using your original configuration. try to set duration to one day and activeDuration to 30. Or for testing purposes, set duration to 1 minute and activeDuration to 5 minutes and log in and use the site withing the first minute and then again in 3 minutes. See if that would work.
UPDATE 2:
To make things clearer In my last update I was referring to a different connect middleware the express-session middleware. usage:
npm install express-session
then:
var session = require('express-session')
app.use(sessions({
secret: 'blargadeeblargblarg',
cookie: {expires = new Date(Date.now() + (30 * 86400 * 1000))}
}));
app.use(function(req, res, next) {
// Here you implement a function to load the session if it's valid
// you check whether the req.session.cookie.expires is < now and if it is
// you call req.session.reload(callback function after reloading has pleted)
next();
});
for more information:
https://github./expressjs/session
UPDATE:
Basically you are asking for something similar to a timeout. Remove both duration and activeDuration and use this instead: expires: new Date(Date.now() + (30 * 86400 * 1000)) this will mean that once a user login, every time they use your site they get their session renewed by 30 days from the time of last access.
If you need the user to log in after 30 days, then I would set activeDuration to 0. This way the session will never be extended beyond 30 days even if the user is active and they would have to log in again.
activeDuration is the period of time before session expiration in which if the user is active, the session will be extended by that duration.
For example: you set duration to 30 days and activeDuration to 5 days. Say the user bees active 4 day before session ends. This way they get an additional 5 days on top of the original 30 days. Say the bee active again in the extra 5 days. Then they get another 5 days on top of the 35 days now. So this means if the user stays active the session never expires.
本文标签:
版权声明:本文标题:javascript - How to make session last maximum of 30 days using client-sessions duration and activeDuration - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741780845a2397298.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论