How to keep session in expressjs to not expire

Question

I have written a simple cms in nodejs using expressjs framework. I used passportjs for authentication using twitter. below is my app.configure:

app.configure(function(){
//views
app.set('views', __dirname + '/views');
app.set('view engine', 'ejs');
//parse request bodies
app.use(express.bodyParser());
app.use(express.methodOverride());
// session support
app.use(express.cookieParser(cfg.cookie_secret));
app.use(express.session({
  key : 'whynode',
  store : sessionStore,
  cookie: { 
    expires: new Date(Date.now() + 60 * 10000), 
    maxAge: 60*10000
  }
}));
app.use(passport.initialize());
app.use(passport.session());
//pass user data
app.use(function(req, res, next) {
  res.locals.req_path = req.path;
  res.locals.user = req.user || false;
  next();
});
//get routers
app.use(app.router);
//serve asset files
app.use('/assets', express.static(__dirname + '/public'));
});

I used redis for session store. full app.js code can be viewed here full app.js What I am now experiencing is when I leave app unused for some minutes, session expires and I need to login again. How do we make so that session doesnot timeout for atleast 2-3 hours of inactivity?

Answer 1

For RedisStore you can set disableTTL to true. Keys will stay in redis until evicted by other means.

var sessionStore = new RedisStore({client: rClinet, disableTTL: true})

Answer 2

Adjust this code:

cookie: { 
  expires: new Date(Date.now() + 60 * 10000), 
  maxAge: 60*10000
}

That sets the expiry for your session to 10 minutes. You don't need to use both maxAge or expires, one will suffice (the difference is that expires uses a Date instance and maxAge just means expire X milliseconds from now).