Clearing sessions in mongodb, expressjs, nodejs

15,780

Solution 1

If you want to fully clear the session for the user on logout you can call req.session.destroy() from your everyauth.everymodule.handleLogout function. Only req.session.auth is cleared when you call req.logout().
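Added example, not part of the original answer: an Express-style logout handler that calls req.session.destroy() and clears the cookie, compared with a logout that removes only req.session.auth. The MemoryStore, request and response objects are constructed stand-ins so the block runs without Express or MongoDB; connect.sid is express-session's default cookie name and /login is an assumed redirect target.

```javascript
// Constructed stand-in for a session store such as MongoStore: sid -> session data.
class MemoryStore {
  constructor() { this.records = new Map(); }
  set(sid, data) { this.records.set(sid, JSON.parse(JSON.stringify(data))); }
  destroy(sid, cb) { this.records.delete(sid); cb(null); }
}

// Constructed request whose session mimics express-session's destroy() semantics.
function makeRequest(store, sid, data) {
  const req = { sessionID: sid, session: { ...data } };
  Object.defineProperty(req.session, 'destroy', {
    value(cb) { delete req.session; store.destroy(sid, cb); },
  });
  store.set(sid, data);
  return req;
}

// Constructed response that records what the handler did.
function makeResponse() {
  return {
    cleared: [], location: null,
    clearCookie(name) { this.cleared.push(name); },
    redirect(url) { this.location = url; },
  };
}

// What the answer says req.logout() does: only the auth key goes away.
function partialLogout(req, res) {
  delete req.session.auth;
  res.redirect('/login');
}

// Full logout: remove the server-side record, then drop the browser cookie.
function fullLogout(req, res, next) {
  req.session.destroy((err) => {
    if (err) return next(err);
    res.clearCookie('connect.sid'); // express-session's default cookie name
    res.redirect('/login');
  });
}

// Runs one logout against a constructed session and reports what is left behind.
function simulate(logout) {
  const store = new MemoryStore();
  const req = makeRequest(store, 'sid-1', { auth: { userId: 'u1' }, custom: 'cart-42' });
  const res = makeResponse();
  logout(req, res, (err) => { throw err; });
  if (req.session) store.set(req.sessionID, req.session); // end-of-request save
  return { stored: store.records.get('sid-1') || null, cleared: res.cleared, location: res.location };
}
```

simulate(partialLogout) leaves the record with its custom field in the store under the same session ID, while simulate(fullLogout) leaves no record and clears the cookie.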

Solution 2

Why is it creating a new session in mongo store? Is there any way to prevent it when I am redirected to login again? – loneranger Jun 7 '15 at 5:43

There's a saveUninitialized option to prevent the session from being saved if it does not contain any data.

app.use(session({
    secret: 'secret123',
    store: new MongoStore({
        mongooseConnection: mongoose.connection,
        ttl: 60 * 30 // half hour
    }),
    saveUninitialized: false
}));
Author by

Rajat

JavaScript Developer. http://lifeinafolder.com

Updated on August 11, 2022

Comments

  • Rajat
    Rajat almost 2 years

    My configuration:

    app.configure(function(){
        app.set('views', __dirname + '/views');
        app.set('view engine', 'jade');
        app.use(express.bodyParser());
        app.use(express.cookieParser());
        app.use(express.session({
            secret: 'MY SECRET',
            store: new MongoStore({
                db: 'MY SESSION DB',
                host: 'localhost',
                port:88888
            })
        }));
        app.use(everyauth.middleware());
        app.use(express.methodOverride());
    
        app.use(app.router);
    });
    
    app.configure('dev', function(){
        app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
        appPort = config.port; //Setting PORT to 8888 in dev mode.
        app.use('/public', express.static(__dirname + '/public'));
    });
    
    app.configure('production', function(){
        app.use(express.errorHandler());
        appPort = config.port;
        //Set cache-header-expires to 1 day
        var oneDay = 86400000;
        //app.use('/public', express.static(__dirname + '/public'));
        app.use('/public',express.static(__dirname + '/public', { maxAge: oneDay }));
    });
    

    Now, I have a 'logout' link which goes to /logout on my app.

    AFAIK, express automatically takes care of clearing sessions on logout. But with my config, I don't think it's doing that. For example, a custom variable attached to session

    req.session.custom
    

    still holds after logout. However,

    req.session.auth
    

    is cleared after logout.

    The number of session objects in my MongoDB store is only incrementing over time. I am using everyauth as well.

    What am I missing or doing wrong?