session
session copied to clipboard
Simple session middleware for Express
Sometimes, there is the need to refresh the session ID **without** loosing the session data. Examples: 1. Refreshing session ID after authentication (to protect against session fixation attacks) https://www.owasp.org/index.php/Session_fixation https://github.com/jaredhanson/passport/issues/192...
Fixes #442 Marked as draft because I would like to get some feedback on this approach before spending any more time on tests.
I am using passport-saml. In the callback URL req.session. i have passport with user details. But in other api calls it is empty. Please check this question in stack over...
Hi, I'm maintaining the express session store for [Prisma](https://www.prisma.io) ([prisma-session-store](https://github.com/kleydon/prisma-session-store/pulls)). Recently, a developer asked whether there might be a way to destroy _all_ sessions _for a given user_ (as might...
There are still a few(actually a lot of the same) errors on the standard that I'm not understanding how to fix (90% are the test/session.js). here's just a few: -...
See #857 This PR enables secure cookies to be transmitted when the remoteAddress is localhost (both IPv4 & IPv6) I also updated the README to match the new behavior, but...
Hi! :wave: This fixes #477. It bit me, and figuring out what broke in my application took forever, so I figured I'd try to fix it. I'm not familiar with...