Skip to content

Lightweight MongoDB-backed session store for Connect and Express

License

Notifications You must be signed in to change notification settings

ThePacielloGroup/connect-mongodb-session

 
 

Repository files navigation

connect-mongodb-session

MongoDB-backed session storage for connect and Express. Meant to be a well-maintained and fully-featured replacement for modules like connect-mongo

Build Status Coverage Status

MongoDBStore

This module exports a single function which takes an instance of connect (or Express) and returns a MongoDBStore class that can be used to store sessions in MongoDB.

It can store sessions for Express 4

If you pass in an instance of the express-session module the MongoDBStore class will enable you to store your Express sessions in MongoDB.

The MongoDBStore class has 3 required options:

  1. uri: a MongoDB connection string
  2. databaseName: the MongoDB database to store sessions in
  3. collection: the MongoDB collection to store sessions in

Note: You can pass a callback to the MongoDBStore constructor, but this is entirely optional. The Express 3.x example demonstrates that you can use the MongoDBStore class in a synchronous-like style: the module will manage the internal connection state for you.

var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var app = express();
var store = new MongoDBStore({
  uri: 'mongodb://localhost:27017/connect_mongodb_session_test',
  collection: 'mySessions'
});

// Catch errors
store.on('error', function(error) {
  console.log(error);
});

app.use(require('express-session')({
  secret: 'This is a secret',
  cookie: {
    maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
  },
  store: store,
  // Boilerplate options, see:
  // * https://www.npmjs.com/package/express-session#resave
  // * https://www.npmjs.com/package/express-session#saveuninitialized
  resave: true,
  saveUninitialized: true
}));

app.get('/', function(req, res) {
  res.send('Hello ' + JSON.stringify(req.session));
});

server = app.listen(3000);

It throws an error when it can't connect to MongoDB

You should pass a callback to the MongoDBStore constructor to catch errors. If you don't pass a callback to the MongoDBStore constructor, MongoDBStore will throw if it can't connect.

var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var app = express();
var store = new MongoDBStore(
  {
    uri: 'mongodb://bad.host:27000/connect_mongodb_session_test?connectTimeoutMS=10',
    databaseName: 'connect_mongodb_session_test',
    collection: 'mySessions'
  },
  function(error) {
    // Should have gotten an error
  });

store.on('error', function(error) {
  // Also get an error here
});

app.use(session({
  secret: 'This is a secret',
  cookie: {
    maxAge: 1000 * 60 * 60 * 24 * 7 // 1 week
  },
  store: store,
  // Boilerplate options, see:
  // * https://www.npmjs.com/package/express-session#resave
  // * https://www.npmjs.com/package/express-session#saveuninitialized
  resave: true,
  saveUninitialized: true
}));

app.get('/', function(req, res) {
  res.send('Hello ' + JSON.stringify(req.session));
});

server = app.listen(3000);

It supports several other options

There are several other options you can pass to new MongoDBStore():

var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var store = new MongoDBStore({
  uri: 'mongodb://localhost:27017/connect_mongodb_session_test',
  collection: 'mySessions',

  // By default, sessions expire after 2 weeks. The `expires` option lets
  // you overwrite that by setting the expiration in milliseconds
  expires: 1000 * 60 * 60 * 24 * 30, // 30 days in milliseconds

  // Lets you set options passed to `MongoClient.connect()`. Useful for
  // configuring connectivity or working around deprecation warnings.
  connectionOptions: {
    useNewUrlParser: true,
    useUnifiedTopology: true,
    serverSelectionTimeoutMS: 10000
  }
});

Azure Cosmos MongoDB support

It can support MongoDB instances inside Azure Cosmos. As Cosmos can only support time-based index on fields called _ts, you will need to update your configuration. Unlike in MongoDB, Cosmos starts the timer at the point of document creation so the expiresAfterSeconds should have the same value as expires - as expires is in milliseconds, the expiresAfterSeconds must equal expires / 1000.

var express = require('express');
var session = require('express-session');
var MongoDBStore = require('connect-mongodb-session')(session);

var store = new MongoDBStore({
  uri: 'mongodb://username:password@cosmosdb-name.mongo.cosmos.azure.com:10255/?ssl=true&replicaSet=globaldb&retrywrites=false&maxIdleTimeMS=120000&appName=@cosmosdb-name@', 
  databaseName: 'myDb',
  collection: 'mySessions',

  // Change the expires key name
  expiresKey: `_ts`,
  // This controls the life of the document - set to same value as expires / 1000
  expiresAfterSeconds: 60 * 60 * 24 * 14 
});

About

Lightweight MongoDB-backed session store for Connect and Express

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 100.0%