A session store implementation for Express & Connect backed by a NeDB Promises datastore (either in-memory or file-persisted).
Previously this code was made by James M. Greene, but I did a lot of changes, I rewrote it on TypeScript for nedb-promises which is based on @seald-io/nedb package to solve some vulnerability issues.
npm install --save nedb-promises-session-storeconst session = require('express-session');
const makeStore = require('nedb-promises-session-store');
// on Typescript you should import it like this
// import makeStore from 'nedb-promises-session-store';
makeStore({
connect: session,
filename: 'path_to_nedb.db'
});Optional. [Number] The default expiry period (max age) in milliseconds to use if and ONLY if the session's expiration is not controlled by the session Cookie configuration. Defaults to 2 weeks.
Optional. [Boolean] Only persist the datastore within the available in-process memory. Defaults to false.
Optional. [String] The path to the file where the datastore will be persisted. If not provided, the datastore will automatically be assigned the filename of 'data/sessions.db'.
For more details about the underlying filename option, please read about it in the [NeDB documentation][].
Optional. [Function] A hook that you can use to transform data after it was serialized and before it is written to disk. A common example usage for this hook is to encrypt data before writing the database to disk.
ONLY applies when your NeDB datastore is file-persisted!
For more details about the underlying afterSerialization option, please read about it in the [NeDB documentation][].
Optional. [Function] The inverse of afterSerialization: a hook that you can use to transform data after it was read from disk and before it is deserialized. A common example usage for this hook is to decrypt data after reading the database from disk.
ONLY applies when your NeDB datastore is file-persisted!
For more details about the underlying beforeDeserialization option, please read about it in the [NeDB documentation][].
Optional. [Number] NeDB will refuse to start if more than this percentage of the datafile is corrupt. Valid values must be a number between 0 (0%) and 1 (100%). A value of 0 means you do NOT tolerate any corruption, 1 means you do not care about corruption. NeDB uses a default value of 0.1 (10%).
ONLY applies when your NeDB datastore is file-persisted!
For more details about the underlying corruptAlertThreshold option, please read about it in the [NeDB documentation][].
Optional. [Number] NeDB's file persistence uses an append-only format for performance reasons, meaning that all updates and deletes actual result in lines being added at the end of the datastore file. To compact the file back into a 1-line-per-document format, you must either restart your application or specify an automatic compaction interval with this option. Valid values must be either null (disabled) or an integer between 5000 (5 seconds) and 86400000 (1 day). Defaults to 1 day.
ONLY applies when your NeDB datastore is file-persisted!
For more details about the underlying automatic compaction functionality, please read about it in the NeDB documentation.
const sharedSecretKey = 'yoursecret';
const express = require('express');
const session = require('express-session');
const makeStore = require('nedb-promises-session-store');
const app = express();
app.use(
session({
secret: sharedSecretKey,
resave: false,
saveUninitialized: false,
cookie: {
path: '/',
httpOnly: true,
maxAge: 365 * 24 * 60 * 60 * 1000 // e.g. 1 year
},
store: makeStore({
connect: session,
filename: 'path_to_nedb_persistence_file.db'
}),
})
);