Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

add user_id field in session table

See original GitHub issue

When a user does a password reset / changes his password, it makes sense to drop all sessions for that user. Currently the user id is stored inside a json blob on the session, so it becomes very inefficient to query for all sessions that belong to a specific user.

In issue #53 ( https://github.com/chill117/express-mysql-session/issues/53 ), it was suggested that one way to workaround this issue is to, A) not use createDatabaseTable: true, B) add a user_id column, and C) right after login, update the session with the appropriate user_id.

However, this approach has the downside that “user_id” cannot be a “NOT NULL” column with a foreign key constraint pointing to the user table. This in turn would enable cascading deletes for sessions when a user is deleted.

      columnNames: {
        user_id: 'user_id',
        ...
     }

Do you agree that having such a column is a good idea, i.e. would you accept a PR to add one?

Issue Analytics

  • State:open
  • Created 6 years ago
  • Reactions:1
  • Comments:16 (8 by maintainers)

github_iconTop GitHub Comments

3reactions
mocommented, Feb 12, 2018

I’m still interested in this feature.

The field that passport puts into “data” for me is called “user” but the database column I have is called “user_id”. Ideally, I think it’s good if the session storage does not mandate certain column names so it would be nice to find a solution that ensures this, even for “dataWithOwnColumns” columns.

Did you mean that dataWithOwnColumns could be combined with columns, like this:

{
    createDatabaseTable: false,
    schema: {
      tableName: 'my_session_table',

      // note that I changed this to "user" instead of "user_id" since it refers to the data property
      dataWithOwnColumns: [ 'user' ],

      columnNames: {
        session_id: 'session_id',
        expires: 'expires',
        data: 'data',
        user: 'user_id'
      }
    }
  }
}

I suppose another option would be to simply omit the “dataWithOwnColumns” member, and instead make a rule that says:

If there is any property KEY:VAL inside columnNames dict where KEY is not “session_id”, “expires” or “data”, then the session store will create a column called VAL and assume that the data for it is in data[KEY]

{
    createDatabaseTable: false,
    schema: {
      tableName: 'my_session_table',
      columnNames: {
        session_id: 'session_id',
        expires: 'expires',
        data: 'data',
        user: 'user_id'
      }
    }
  }
}
1reaction
HoldYourWafflecommented, May 3, 2019

I’m not sure I completely understand what @mo is suggesting here, but wouldn’t an implementation of #91 fix the inefficiency problem? I haven’t used the JSON column type yet since it didn’t exist the last time I did something with MySQL, but a quick google search tells me it allows for more efficient querying using something like JSON_EXTRACT.

Read more comments on GitHub >

github_iconTop Results From Across the Web

php - Symfony3 : Add user_id field in sessions table to prevent ...
The best solution I came up with is to add the user id to my sessions storage on database but I can't make...
Read more >
laravel session with database driver how to insert user_id field ...
Hi. I am using Laravel 5.5 and storing session in database table name with session. Copy Code Schema::create('sessions', function (Blueprint $table) ...
Read more >
Adding a user id column to CI's session table
Hi all, I'm looking to affiliate each row in CI's session table with a particular user. The user has an id in a...
Read more >
19449 (Add user id to sessions table) - Django's bug tracker
Add user id column to the session model to allow developers to easily retrieve old session data for a user, and to allow...
Read more >
16 Maintaining Access Manager Sessions - Oracle Help Center
An Access Manager session is created during authentication and bound to both the user and ... and add fields to the query form...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Upgrade to mysql2 package

Next page

protocols and anonymityLevels options mutually exclusive?