do not add session id to session

fastify · Jun 29, 2022 · a371c36 · a371c36
1 parent 86ac8fc
commit a371c36
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/lib/session.js b/lib/session.js
@@ -70,7 +70,7 @@ module.exports = class Session {
 
   [addDataToSession] (prevSession) {
     for (const key in prevSession) {
-      if (!['expires', 'cookie'].includes(key)) {
+      if (!['expires', 'cookie', 'sessionId', 'encryptedSessionId'].includes(key)) {
         this[key] = prevSession[key]
       }
     }

diff --git a/test/base.test.js b/test/base.test.js
@@ -101,6 +101,7 @@ test('should set session cookie using the default cookie name', async (t) => {
     fastify.addHook('onRequest', (request, reply, done) => {
       request.sessionStore.set('Qk_XT2K7-clT-x1tVvoY6tIQ83iP72KN', {
         expires: Date.now() + 1000,
+        sessionId: 'Qk_XT2K7-clT-x1tVvoY6tIQ83iP72KN',
         cookie: { secure: true, httpOnly: true, path: '/' }
       }, done)
     })
@@ -129,6 +130,7 @@ test('should create new session on expired session', async (t) => {
     fastify.addHook('onRequest', (request, reply, done) => {
       request.sessionStore.set('Qk_XT2K7-clT-x1tVvoY6tIQ83iP72KN', {
         expires: Date.now() - 1000,
+        sessionId: 'Qk_XT2K7-clT-x1tVvoY6tIQ83iP72KN',
         cookie: { secure: true, httpOnly: true, path: '/' }
       }, done)
     })