session
session copied to clipboard
koajs
Simple session middleware for koa
**Documentation**: - Add a security example for `app.keys` by redefining Keygrip to use sha512 instead of default sha1
I noticed that in one case koa-session tries to use cookies when you specified an externalKey: when destroying the session. This simple fix should mitigate that by respecting the externalKey...
This references issue: #178. When session data is stored in the cookie, it isn't cryptographically encrypted, and is therefore unsecure. The existing `encode` and `decode` functions simply pass the JSON...
Right now when the session is destroyed, the session cookie is made empty, not removed. That's an incorrect behavior, the cookie should be deleted as well. For that, we need...
Say cookie name is `foo`. When you do `ctx.session = null;`, on client side, the cookie `foo.sig` is cleared, the cookie `foo` is still there with its original value. Why...
I would love to get this working for my case, but I find the following part of the readme extremely cryptic: > You can store the session content in external...
I'm using `koa-session` with params: ``` { key: 'sid', prefix: 'sess:', httpOnly: true, path: '/', overwrite: true, signed: false, maxAge: 3600 * 4 * 1e3, rolling: true } ``` Session...
`turbo-crc32` is about 2x times faster than `crc`. ``` crc: 987.866ms buffer-crc32: 1387.205ms turbo-crc32: 447.711ms ```
## Example ### dependencies ```json "dependencies": { "koa": "^2.6.2", "koa-session": "^5.10.1" } ``` ### index.js ```js const session = require('koa-session'); const Koa = require('koa'); const app = new Koa(); app.keys...
I need to check session is empty. After session expired, using console.log of session returns {}. But when I try Object.keys(session).length, it's not 0 even there's no property in the...
