开发者

Express session store and reapInterval

问答 作者:

I have a question about express session store memory with setting the reapInterval value. I have an example code, which will output the values of a memorystore every 5 seconds. If i 开发者_C百科now set a reapinterval of 5000, it should clean up expired session every 5 seconds right? So my example looks like this:

/**
 * Module dependencies.
 */

var express = require('express');
var app = module.exports = express.createServer();
var MemStore = require('express/node_modules/connect/lib/middleware/session/memory');
var store = new MemStore({reapInterval: 5000});

// Configuration

app.configure(function(){
  app.set('views', __dirname + '/views');
  app.set('view engine', 'jade');
  app.use(express.bodyParser());
  app.use(express.methodOverride());
  app.use(express.cookieParser());
  app.use(express.session({secret: 'your secret here', store: store, cookie: {maxAge: 30000}}));
  app.use(app.router);
  app.use(express.static(__dirname + '/public'));
});

setInterval(function(){
    console.log(new Date());
    console.log(store);
}, 5000);

app.configure('development', function(){
  app.use(express.errorHandler({ dumpExceptions: true, showStack: true })); 
});

app.configure('production', function(){
  app.use(express.errorHandler()); 
});

// Routes

app.get('/', function(req, res){
  res.render('index', {
     title: 'Express'
  });
});

app.listen(3000);
console.log("Express server listening on port %d in %s mode", app.address().port, app.settings.env);

And now the problem is, that if I revisit the page after 30 seconds, I get a new SID, but the old session in memorystore is still there... should it not be checked every 5 seconds and deleted?

Thx for your help!

So the first problem is a misunderstanding here. reapInterval does not do anything. MemoryStore clears cookies based on the expire time of session cookie. So there is in fact a bug in Connects MemoryStore. The way I see it the broken flow goes like this.

  • Set cookie to expire in X.
  • Get session data, has X gone by? No, ok.
  • (cookie expires)
  • Get session data, session doesn't exist, generate new one.
  • X has gone by but the session ID is missing because the browser expired it already.

There is a discussion regarding this here.

https://github.com/senchalabs/connect/issues/328

And a juicy quote

"short cookie sessions would be screwed I guess" --visionmedia

继续阅读:expressnode.jssession

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9