I'm using Node.JS and Express web framework, I need to work with Sessions.
I would get the expiration timestamp of the session, is this possible?
I would like to know when(timestamp format) the session expires.
Thank you!
From the official Connect docs, session middleware page (Express uses Connect internally):
Session#maxAge
Alternatively req.session.cookie.maxAge will return the time remaining
in milliseconds, which we may also re-assign a new value to adjust the
.expires property appropriately. The following are essentially
equivalent
So req.session.cookie.maxAge is what you're looking for.
Related
I am Switching between two different Dynamic web application through Links.But if i am working on one application for long time then others application session expires and i got redirected to login page, Is there any method to keep session alive beyond maxInactive time interval while i am working on other application page
There are two options-
If both applications requires single sign on feature (like we login to gmail, then all google services are accessible), you can use tomcat clustering and share session accross cluster. Both your apps will be part of the cluster.
A simple work aroud would be to set a heartbeat ajax request in each application. Use JavaScript's timeout function and send ajax request to servlet after a fix interval.
You can anyway update MaxInactiveInterval of server at runtime, there is this method setMaxInactiveInterval available for HTTPsession class object.
Hope this helps. :)
I can think of one option here that is to manage your own Session Pool. You can save the session object in ArrayList<HttpSession> whenever you create new session. And send that session id to your another application. When you return to previous app, you send back session id. And if you find session dead then find that session in your Session Pool by session id and create new session. In new session set attributes of the previous session object.
Hope this might be useful.
I have some problem in this specific scenario:
If my XPages application
If I have my Domino HTTP configure with Single server setting the Ext.lib Keep-Alive control work well...and my session don't expire.
But I I use Domino HTTP configured with Multiple SSO (LPTAtoken) with Firebug I see the Ext.lib Keep-Alive control work well (I see the PING request) but I don't know because my session expire.
Have someone any suggest for me?
Tnx you
p.s. my release in 9 social on linux 32 bit
What kind of key did you use when you created the LTPA token?
When using WebSphere LTPA keys, a token is assigned and it will expire when the time specified in the field Expiration (minutes) elapses, no matter whether you are actively using your application or not.
When examining the documentation for products that use WebSphere server (Sametime, Connections) I found that IBM suggests to set Expiration time to a long interval (such as 600) minutes to minimize the risk of users being logged out in the middle of a working day. I admit that this does not sound like a good suggestion security-wise.
I assume it is the same when using Domino LTPA keys, with the added option of being able to specify Idle Session Timeout.
So, you can either increase the token expiration interval (depending on your requirements this could be an easy fix) or go with Stephan's suggestion. I don't know how to code his approach, but if I find a solution, I'll update this answer.
In a single server setting the server tracks the validity of the cookie. So whenever you hit the server it is updated. In a multi server environment you get a new cookie before expiry. So you need to process the incoming cookie to replace the predecessor. Easiest way using a regular page and an iframe
Hi I am using expressjs for my web application, and I use the session middleware, my question is that how I can do something right before the session expire?
For example, I store something in the session, and I set the req.session.cookie.maxAge to 60000(1 minute), when the session timeout, I want to save the data in the session to disk, how I can do this? I checked the API and the destroy function only support callback...
Thanks!
Assuming you're using connect-session there's nothing like session expiration event.
Sessions expire either :
on the client (when cookie gets outdated). There's no way to know about it until a request is made so there's a danger that the event will never get triggered.
in the session store, usually using some form of time-to-live. Not all session stores support events, so notification can't be done in general.
You can, however try implement your own check using setTimeout() - when it times out check if the session's expiration date is sufficiently close to now and do whatever you need to do.
I have noticed that in order to store a value into the session you simply call
req.session.key = value
without the need to specify a callback. I have set mysql as my session storage adapter using the connect-mysql module. So I am wondering that consider each time I save a value to the session it is being updated in the db, shouldn't there be a callback associated with this? Yet everywhere I look people are happily using it synchronously. Can someone please explain why this is the case? THanks.
The session middleware only actually interacts with the data-store twice per request, rather than immediately with each change:
With Store#get() to retrieve the Session in bulk at the start of a request. (source)
With Store#set() (via Session#save()) to persist the Session in bulk at the end of the request. (source)
Between these steps, changes to the session can be done synchronously. They just should be done before res.end() or similar (res.render(), res.json(), etc.) is called.
On asp.net, we have a session expire event. I'm using node.js with express.js and the default memory store for sessions. Every time I restart node, the sessions are lost. Ideally, I'd like to save the sessions to the db (can't use redis).
Is there a session expire event?
If you want to save the sessions to a database which isn't Redis, there are more solutions: https://github.com/senchalabs/connect/wiki (check the Session Stores section).
As far as I know there isn't such an event for cookie/session expiration (I've looked at the code for Connect and didn't find such a feature).
Also if you don't want to use sessions with a database at all, the are several modules for that (storing sessions in cookies, encrypted):
https://github.com/jpallen/connect-cookie-session
https://github.com/ciaranj/express-session-cookie