next-session icon indicating copy to clipboard operation
next-session copied to clipboard

Published 20 hours ago verified publisher icon hoangvvo

feature: Add session.regenerate()

Open sititou70 opened this issue 9 months ago • 4 comments

To prevent session fixation attacks, it would be useful to have an API to regenerate session ID.

session.regenerate() API replaces the current session ID with a new generated one. Return Promise.

await session.regenerate();
await session.commit(); // if `autoCommit` is set to `false`.

This is similar to express-session's Session.regenerate(callback) and PHP's session_regenerate_id.

sititou70 avatar May 22 '24 15:05 sititou70