# express-session
[![NPM Version][npm-image]][npm-url]
[![NPM Downloads][downloads-image]][downloads-url]
[![Build Status][travis-image]][travis-url]
[![Test Coverage][coveralls-image]][coveralls-url]
[![Gratipay][gratipay-image]][gratipay-url]
## Installation
This is a [Node.js](https://nodejs.org/en/) module available through the
[npm registry](https://www.npmjs.com/). Installation is done using the
[`npm install` command](https://docs.npmjs.com/getting-started/installing-npm-packages-locally):
```sh
$ npm install express-session
```
## API
```js
var session = require('express-session')
```
### session(options)
Create a session middleware with the given `options`.
**Note** Session data is _not_ saved in the cookie itself, just the session ID.
Session data is stored server-side.
**Note** Since version 1.5.0, the [`cookie-parser` middleware](https://www.npmjs.com/package/cookie-parser)
no longer needs to be used for this module to work. This module now directly reads
and writes cookies on `req`/`res`. Using `cookie-parser` may result in issues
if the `secret` is not the same between this module and `cookie-parser`.
**Warning** The default server-side session storage, `MemoryStore`, is _purposely_
not designed for a production environment. It will leak memory under most
conditions, does not scale past a single process, and is meant for debugging and
developing.
For a list of stores, see [compatible session stores](#compatible-session-stores).
#### Options
`express-session` accepts these properties in the options object.
##### cookie
Settings object for the session ID cookie. The default value is
`{ path: '/', httpOnly: true, secure: false, maxAge: null }`.
The following are options that can be set in this object.
##### cookie.domain
Specifies the value for the `Domain` `Set-Cookie` attribute. By default, no domain
is set, and most clients will consider the cookie to apply to only the current
domain.
##### cookie.expires
Specifies the `Date` object to be the value for the `Expires` `Set-Cookie` attribute.
By default, no expiration is set, and most clients will consider this a
"non-persistent cookie" and will delete it on a condition like exiting a web browser
application.
**Note** If both `expires` and `maxAge` are set in the options, then the last one
defined in the object is what is used.
**Note** The `expires` option should not be set directly; instead only use the `maxAge`
option.
##### cookie.httpOnly
Specifies the `boolean` value for the `HttpOnly` `Set-Cookie` attribute. When truthy,
the `HttpOnly` attribute is set, otherwise it is not. By default, the `HttpOnly`
attribute is set.
**Note** be careful when setting this to `true`, as compliant clients will not allow
client-side JavaScript to see the cookie in `document.cookie`.
##### cookie.maxAge
Specifies the `number` (in milliseconds) to use when calculating the `Expires`
`Set-Cookie` attribute. This is done by taking the current server time and adding
`maxAge` milliseconds to the value to calculate an `Expires` datetime. By default,
no maximum age is set.
**Note** If both `expires` and `maxAge` are set in the options, then the last one
defined in the object is what is used.
##### cookie.path
Specifies the value for the `Path` `Set-Cookie`. By default, this is set to `'/'`, which
is the root path of the domain.
##### cookie.sameSite
Specifies the `boolean` or `string` to be the value for the `SameSite` `Set-Cookie` attribute.
- `true` will set the `SameSite` attribute to `Strict` for strict same site enforcement.
- `false` will not set the `SameSite` attribute.
- `'lax'` will set the `SameSite` attribute to `Lax` for lax same site enforcement.
- `'strict'` will set the `SameSite` attribute to `Strict` for strict same site enforcement.
More information about the different enforcement levels can be found in the specification
https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-4.1.1
**Note** This is an attribute that has not yet been fully standardized, and may change in
the future. This also means many clients may ignore this attribute until they understand it.
##### cookie.secure
Specifies the `boolean` value for the `Secure` `Set-Cookie` attribute. When truthy,
the `Secure` attribute is set, otherwise it is not. By default, the `Secure`
attribute is not set.
**Note** be careful when setting this to `true`, as compliant clients will not send
the cookie back to the server in the future if the browser does not have an HTTPS
connection.
Please note that `secure: true` is a **recommended** option. However, it requires
an https-enabled website, i.e., HTTPS is necessary for secure cookies. If `secure`
is set, and you access your site over HTTP, the cookie will not be set. If you
have your node.js behind a proxy and are using `secure: true`, you need to set
"trust proxy" in express:
```js
var app = express()
app.set('trust proxy', 1) // trust first proxy
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true,
cookie: { secure: true }
}))
```
For using secure cookies in production, but allowing for testing in development,
the following is an example of enabling this setup based on `NODE_ENV` in express:
```js
var app = express()
var sess = {
secret: 'keyboard cat',
cookie: {}
}
if (app.get('env') === 'production') {
app.set('trust proxy', 1) // trust first proxy
sess.cookie.secure = true // serve secure cookies
}
app.use(session(sess))
```
The `cookie.secure` option can also be set to the special value `'auto'` to have
this setting automatically match the determined security of the connection. Be
careful when using this setting if the site is available both as HTTP and HTTPS,
as once the cookie is set on HTTPS, it will no longer be visible over HTTP. This
is useful when the Express `"trust proxy"` setting is properly setup to simplify
development vs production configuration.
##### genid
Function to call to generate a new session ID. Provide a function that returns
a string that will be used as a session ID. The function is given `req` as the
first argument if you want to use some value attached to `req` when generating
the ID.
The default value is a function which uses the `uid-safe` library to generate IDs.
**NOTE** be careful to generate unique IDs so your sessions do not conflict.
```js
app.use(session({
genid: function(req) {
return genuuid() // use UUIDs for session IDs
},
secret: 'keyboard cat'
}))
```
##### name
The name of the session ID cookie to set in the response (and read from in the
request).
The default value is `'connect.sid'`.
**Note** if you have multiple apps running on the same hostname (this is just
the name, i.e. `localhost` or `127.0.0.1`; different schemes and ports do not
name a different hostname), then you need to separate the session cookies from
each other. The simplest method is to simply set different `name`s per app.
##### proxy
Trust the reverse proxy when setting secure cookies (via the "X-Forwarded-Proto"
header).
The default value is `undefined`.
- `true` The "X-Forwarded-Proto" header will be used.
- `false` All headers are ignored and the connection is considered secure only
if there is a direct TLS/SSL connection.
- `undefined` Uses the "trust proxy" setting from express
##### resave
Forces the session to be saved back to the session store, even if the session
was never modified during the request. Depending on your store this may be
necessary, but it can also create race conditions where a client makes two
parallel requests to your server and changes made to the session in one
request may get overwritten when the other request ends, even if it made no
changes (this behavior also depends on what store you're using).
The default value is `true`, but using the default has been deprecated,
as the default will change in the future. Please research into this setting
and choose what is appropriate to your use-case. Typical
没有合适的资源?快使用搜索试试~ 我知道了~
webRTC服务器端代码
共790个文件
js:272个
md:152个
json:118个
4星 · 超过85%的资源 需积分: 50 64 下载量 76 浏览量
2019-03-24
20:42:29
上传
评论 4
收藏 1.63MB ZIP 举报
温馨提示
这是一个搭建好的P2P视频通信实例,采用webrtc和socket.io实现,整体使用nodejs 火狐浏览器测试通过 博客链接:https://blog.csdn.net/weixin_40490238/article/details/88781323
资源推荐
资源详情
资源评论
收起资源包目录
webRTC服务器端代码 (790个子文件)
mime.cmd 164B
server.crt 871B
base.css 5KB
prettify.css 676B
style.css 32B
.DS_Store 6KB
.editorconfig 399B
comments.ejs 387B
rmWhitespace.ejs 353B
menu_preprocessor.ejs 251B
menu.ejs 222B
menu_var.ejs 183B
strict.ejs 157B
newlines.mixed.ejs 131B
no.semicolons.ejs 131B
literal.ejs 114B
include-abspath.ejs 114B
space-and-tab-slurp.ejs 98B
include.ejs 98B
no.newlines.ejs 90B
newlines.ejs 90B
include_preprocessor.ejs 80B
messed.ejs 72B
include_preprocessor_line_slurp_child.ejs 64B
error.ejs 63B
include_preprocessor.css.ejs 62B
include.css.ejs 60B
include_preprocessor_line_slurp.ejs 51B
no.newlines.error.ejs 51B
consecutive-tags.ejs 47B
include-simple.ejs 44B
include_preprocessor_cache.ejs 43B
double-quote.ejs 41B
item.ejs 39B
bom.ejs 35B
fail.ejs 35B
single-quote.ejs 34B
menu-item.ejs 33B
include_cache.ejs 33B
user-no-with.ejs 28B
include-root.ejs 27B
pet.ejs 25B
user.ejs 21B
hello-world.ejs 20B
with-context.ejs 16B
para.ejs 11B
renderFile.ejs 10B
include.ejs 10B
include_preprocessor.ejs 10B
backslash.ejs 5B
.eslintignore 5B
.eslintrc 560B
.eslintrc 348B
.eslintrc 219B
.eslintrc 180B
.eslintrc 180B
.eslintrc 180B
.eslintrc 180B
.eslintrc 180B
.gitattributes 106B
webRtc.html 12KB
index.js.html 6KB
index.html 3KB
index.html 3KB
rmWhitespace.html 227B
comments.html 179B
literal.html 113B
menu.html 105B
menu_preprocessor.html 104B
include.html 81B
include_preprocessor.html 81B
newlines.html 78B
no.semicolons.html 75B
no.newlines.html 68B
space-and-tab-slurp.html 66B
messed.html 50B
include.css.html 39B
include_preprocessor.css.html 39B
include-simple.html 34B
double-quote.html 27B
single-quote.html 25B
newlines.mixed.html 21B
include_preprocessor_line_slurp.html 20B
include_cache.html 11B
include_preprocessor_cache.html 11B
backslash.html 5B
consecutive-tags.html 4B
lcov.info 867B
Jakefile 2KB
socket.io.dev.js 153KB
socket.io.slim.dev.js 131KB
engine.io.js 110KB
socket.io.js 61KB
socket.io.js 61KB
socket.io.slim.js 52KB
ejs.js 39KB
sbcs-data-generated.js 31KB
ejs.js 29KB
response.js 26KB
index.js 23KB
共 790 条
- 1
- 2
- 3
- 4
- 5
- 6
- 8
资源评论
- 才才2020-03-12没有任何效果,不知道是不是部署上有什么地方要注意的。
面-包
- 粉丝: 460
- 资源: 13
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 一个简单的步骤,说明如何使用Vue CLI来生成一个新的Vue项目,并附带一个简单的启动和构建脚本
- C++实现桶排序(源代码)
- 电子通信设计资料用单片机制作的直流稳压可调电源
- 一个基于命令行使用Spring Initializr生成Spring Boot项目的步骤,并附带一个简单的Maven构建和运行脚
- 电子通信设计资料用单片机制作的定时开关控制器
- 电子通信设计资料用单片机设计的测速表
- Swift5.1 官方中文教程 完整版.pdf
- 电子通信设计资料用单片机控制的出租车计价器
- ex-sqlist-1a.cpp
- com.xiaodao.orthodoxcalendar_202457104743.apk
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功