Skip to content

Commit 2c4d5fa

Browse files
roccomusoknolleary
authored andcommitted
add express-session memorystore without leaks (node-red#1435)
* add express-session memorystore without leaks * Bump memorystore to v1.6.0
1 parent bedb2d9 commit 2c4d5fa

2 files changed

Lines changed: 13 additions & 7 deletions

File tree

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,7 @@
4747
"json-stringify-safe":"5.0.1",
4848
"jsonata":"1.3.0",
4949
"media-typer": "0.3.0",
50+
"memorystore": "1.6.0",
5051
"mqtt": "2.9.0",
5152
"multer": "1.3.0",
5253
"mustache": "2.3.0",

red/api/auth/index.js

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -150,14 +150,19 @@ module.exports = {
150150
login: login,
151151
revoke: revoke,
152152
genericStrategy: function(adminApp,strategy) {
153-
var session = require('express-session');
154-
var crypto = require("crypto");
153+
var crypto = require("crypto")
154+
var session = require('express-session')
155+
var MemoryStore = require('memorystore')(session)
156+
155157
adminApp.use(session({
156-
// As the session is only used across the life-span of an auth
157-
// hand-shake, we can use a instance specific random string
158-
secret: crypto.randomBytes(20).toString('hex'),
159-
resave: false,
160-
saveUninitialized:false
158+
// As the session is only used across the life-span of an auth
159+
// hand-shake, we can use a instance specific random string
160+
secret: crypto.randomBytes(20).toString('hex'),
161+
resave: false,
162+
saveUninitialized: false,
163+
store: new MemoryStore({
164+
checkPeriod: 86400000 // prune expired entries every 24h
165+
})
161166
}));
162167
//TODO: all passport references ought to be in ./auth
163168
adminApp.use(passport.initialize());

0 commit comments

Comments
 (0)