How express-session manages its session storage?

Question

Let's imagine that my node.js+express+socket.io server with express-session middleware is using mongoDB as storage ('connect-mongo') with maxAge of session set to null (i.e cookie lasts as long as user's browser is opened), and now this server is completely down.

Ages are passing by and in a new century, while Earth being torn apart by Zombies, Werewolfs and Alien Invaders, a bunch of insanely brave scientists discover intact remnants of my server and boots them up.

So, by this time many (if not every) client's browsers was closed and cookies cleaned. If one of those clients will connect to my server, server will discover that he (client) not presenting any valid cookie and will make a new one for him.

Now - the part in which i'm interested - what happend with those old sessions stored in connect-mongo storage. Obviously server wasn't able to clean them up while he was down, and now they will just hang as dead cargo in DB storage? Or there is some mindblowing magic behind it, that will, after server reboot, somehow 'know' that those users ended their sessions long ago, while server was down and will clean everything up accordingly?

Answer 1

express-session doesn't enforce any clean-up behavior for its stores (at least I didn't see any evidence of that in the source code). However, stores may certainly clean up stale sessions. For example, from the connect-mongo documentation:

By default, connect-mongo uses MongoDB's TTL collection feature (2.2+) to have mongod automatically remove expired sessions. But you can change this behavior.