Reputation: 991
Change cookie expiration in Express
Because I didn't define a maxAge when calling expressServer.use(express.session({params})) the cookie's expiration is set as "Session".
I would like to add a "remember me" feature when logging in. If "remember me" is selected, the expiration will be extended to a month.
How would I go about doing this? I tried simply extending the maxAge, but that didn't seem to do anything...
expressServer.get '/blah', (request, response) =>
request.session.cookie.maxAge = 2592000
response.end 'hello there'
I tried making a simple server to test updating a user's cookie. I'm using Express 3.0.4
When I visit 127.0.0.1:9000/blah, the browser cookie's "expires" field is still "session"...
express = require 'express'
expressServer = express()
expressServer.use express.cookieParser()
expressServer.use express.session
secret: 'supersecret'
cookie:
path: '/'
httpOnly: true
expressServer.get '/', (request, response) =>
response.end 'hello'
expressServer.get '/blah', (request, response) =>
request.session.cookie.maxAge = 3600000
response.end 'hello again'
expressServer.listen 9000
console.log 'server running'
Upvotes: 22
Views: 70716
Answers (5)
Reputation: 771
Or You can try this, it worked for me:
if ( req.body.remember )
{
var oneWeek = 7 * 24 * 3600 * 1000; //1 weeks
req.session.cookie.expires = new Date(Date.now() + oneWeek);
req.session.cookie.maxAge = oneWeek;
}
Upvotes: 0
Reputation: 12072
If you want to implement rolling sessions with cookie-sessions in express 4, configure the middleware like this:
app.use(cookieSession({
secret: your_secret,
maxAge: your_maxAge,
key: 'sessionId'
}));
Note that you do not need to set the expires option.
In order to extend your session, simply alter it like this:
app.get('*', function (req, res, next) {
req.session.foobar = Date.now();
next();
}
Note that in express 4 there is no req.session.touch().
Upvotes: 6
Reputation: 1108
Set cookie name to value, where which may be a string or object converted to JSON. The path option defaults to "/".
res.cookie('rememberme', '1',
{ expires: new Date(Date.now() + 900000), httpOnly: true });
For further references following the link may be used
http://expressjs.com/api.html#res.cookie
Upvotes: 11
Reputation: 162
I found an answer that seems to work for me; add it to the top of your routes.
app.all '*', (req,res,next) ->
if req.method is 'HEAD' or req.method is 'OPTIONS'
next()
else
req.session._garbage = Date();
req.session.touch();
next();
Upvotes: 2
Reputation: 75666
I have a checkbox that says "remember me" on the /login page:
<p class="remember">
<input type="checkbox" id="remember" name="remember" value="1" />
<label for="remember">Remember me</label>
</p>
Then in my POST route to /login I do some sanity checking and set the session if req.body.remember is set otherwise its just a window session:
//user is authenticated
//set session length
if ( req.body.remember ) {
var hour = 3600000;
req.session.cookie.maxAge = 14 * 24 * hour; //2 weeks
} else {
req.session.cookie.expires = false;
}
req.session.userid = user._id;
Add the following few lines (I use redis) in app.js:
app.use(express.cookieParser('secret-word'));
app.use(express.session({
store: new RedisStore({
host: cfg.redis.host,
db: cfg.redis.db
}),
secret: 'another-secret'
}));
Upvotes: 20
Related Questions
- How to extend express session timeout
- Why does my session cookie expire?
- Renewing Cookie-session for express.js
- nodejs, how to set express session cookie not to expire anytime
- Express Session Different Expiration
- Express JS - Reset cookie expiration time
- Setting Node.js Express session expiration time in SessionStore in stead of in cookie
- Node session cookie that expires
- In Express the Session Cookie Expires Too Early
- How do I dynamically set the session cookie's expires/maxAge in Express/Node.js?