Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Why session not persisted anymore after expire time?

See original GitHub issue

Hi, i I apologize in advance if this is a not good place to ask questions but i am cant wrap my mind around this one. I am trying to use express-session with expires time and store session with mongo, like this.


const config = require('./config/config')();
const session = require('express-session');
const MongoStore = require('connect-mongo')(session);
const express = require('express');
const app = express();



var expiryDate = new Date(Date.now() + 5 * 1000) // 10 second
app.use(session({
    secret: config.secret,
    store: new MongoStore({ url: config.mongo_url }),
    resave: false,
    saveUninitialized: false,
    cookie: {
        secure: process.env.NODE_ENV == 'production' ? true : false,
        expires: expiryDate,
    }
}));


app.use('/', function(req, res){
    req.session.views = req.session.views ? req.session.views + 1 : 1;
    console.log(req.session.views);
    res.sendStatus(200);
});

app.listen('8080');

This code works perfectly first time. But the problem came in when the session expired. next session would not persists at all. It would be new session every time i make request. Like this:

Can you guys help me out?

Issue Analytics

State:
Created 3 years ago
Comments:5 (3 by maintainers)

Top GitHub Comments

1reaction

gabeiocommented, Jan 13, 2021

On boot the var expiryDate = new Date(Date.now() + 5 * 1000) // 10 second is evaluated to 10s in the future. After which it is never updated, so when 10s passes all cookies should expire immediately, since the global expiryDate is in the past it will expire every time, if you’d like to test my theory you can try:

const config = require('./config/config')();
const session = require('express-session');
const MongoStore = require('connect-mongo')(session);
const express = require('express');
const app = express();



var expiryDate = new Date(Date.now() + 5 * 1000) // 10 second
app.use(session({
    secret: config.secret,
    store: new MongoStore({ url: config.mongo_url }),
    resave: false,
    saveUninitialized: false,
    cookie: {
        secure: process.env.NODE_ENV == 'production' ? true : false,
        expires: expiryDate,
    }
}));


app.use('/', function(req, res){
    req.session.views = req.session.views ? req.session.views + 1 : 1;
    console.log(req.session.views);
    console.log(expiryDate); // <- printing the date
    console.log(req.session.cookie.expires); // <- print the cookie expires (this might not worry, I'm not in-front of my computer to test this)
    res.sendStatus(200);
});

app.listen('8080');

0reactions

bettafish15commented, Jan 13, 2021

Hi @bettafish15 what @gabeio is saying is correct; the behavior you want is accomplished by using maxAge and not expires. Since expires sets an absolute expiration date on the boot of your app. This is why you are seeing the postman/chrome ignore the cookie later, as they will ignore cookies that expire in the past.

Oh yes omg i am such an idiot. The cookie set is global and is not a middleware. How can i missed it? Thanks u guys so much for helping me and sorry for wasting your times haha