Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Provide newly created session as an argument for regenerate callback
See original GitHub issueThe session regeneration is not happening in-place (which is not clear from documentation), but it’s done by reassigning the session prop on req object.
In order to access regenerated session, user either has to always pass request object together with session object or he has to use session.req.session (weird and probably not part of a public API).
// somewhere outside of middleware, without an access to request
this.session.regenerate(error => {
if (error) {
return reject(error);
}
this.session.userId = user.id; // OLD SESSION !!! won't work
this.session.req.session.userId = user.id // works but wtf...
return resolve();
});
I think it would make sense to make new session object accessible via callback args:
// somewhere outside of middleware, without an access to request
this.session.regenerate((error, session) => {
if (error) {
return reject(error);
}
this.session = session; // update session
this.session.userId = user.id // store something
return resolve();
});
I also think it better indicates that the “old” session is obsolete…
Issue Analytics
- State:
- Created 7 years ago
- Comments:8 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
In addition, I feel like this issue is also saying that the way people will use this API is that they just won’t even read the README. I think the README (https://github.com/expressjs/session#sessionregeneratecallback) is very clear on exactly what this method does and where the regenerated session will become accessible from.
Even though I have read the README, I have to admit I really missed the part:
my apologies for that (I was punished already, it took me some time to find the problem), however maybe the example which follows:
could be a little bit more specific about
here? You know the thing is you call regenerate on session, but the updated object is not a session, but a request object… if I would call something likereq.regenerateSession()it would make sense I think…I just wonder if the old session object can still be considered “consistent” and usable after the regeneration. It seems that the req object (while still tightly coupled) is no longer relevant to the old session…?
I think that mentioning this in documentation could help some stupid people like me. I would dare to claim that inablity to pass an object alone is not ususal and maybe it contradicts with some OOP principes (just some feelings…)?
Disclaimer: I don’t seek “satisfaction”, I am just sharing some thoughts … feel free to not reply and keep this closed … I respect and appreciate your work and contribution… Happy new year 😃