Gathering detailed insights and metrics for tomjs-koa-session2
Gathering detailed insights and metrics for tomjs-koa-session2
Installations
npm install tomjs-koa-session2Developer Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=7.6.0
Node Version
8.16.0
NPM Version
6.4.1
Score
65.8
Supply Chain
97
Quality
72.9
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
tiandiwy
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
108 Commits
4 Branches
1 Contributors
Updated on Aug 02, 2019
Maintainers
1
Package Meta Information
Latest Version
1.0.1
Package Id
tomjs-koa-session2@1.0.1
Size
3.78 kB
NPM Version
6.4.1
Node Version
8.16.0
Published on
Aug 02, 2019
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
Dev Dependencies
4
tomjs-koa-session2
forked from Secbone/koa-session2
Middleware for Koa2 to get/set session use with custom stores such as Redis or mongodb
Use native ES6(async/await) by Nodejs v7.6.0 +
Or you can use the old versions:
Require
node v7.6 +
Install
npm install koa-session2
Usage
1const Koa = require("koa"); 2const session = require("koa-session2"); 3 4const app = new Koa(); 5 6app.use(session({ 7 key: "SESSIONID", //default "koa:sess" 8}));
Custom Stores
Store.js
1const Redis = require("ioredis"); 2const { Store } = require("koa-session2"); 3 4class RedisStore extends Store { 5 constructor() { 6 super(); 7 this.redis = new Redis(); 8 } 9 10 async get(sid, ctx) { 11 let data = await this.redis.get(`SESSION:${sid}`); 12 return JSON.parse(data); 13 } 14 15 async set(session, { sid = this.getID(24), maxAge = 1000000 } = {}, ctx) { 16 try { 17 // Use redis set EX to automatically drop expired sessions 18 await this.redis.set(`SESSION:${sid}`, JSON.stringify(session), 'EX', maxAge / 1000); 19 } catch (e) {} 20 return sid; 21 } 22 23 async destroy(sid, ctx) { 24 return await this.redis.del(`SESSION:${sid}`); 25 } 26} 27 28module.exports = RedisStore;
main.js
1const Koa = require("koa"); 2const session = require("koa-session2"); 3const Store = require("./Store.js"); 4 5const app = new Koa(); 6 7app.use(session({ 8 store: new Store() 9})); 10 11app.use(ctx => { 12 let user = ctx.session.user; 13 14 ctx.session.view = "index"; 15}); 16 17app.use(ctx => { 18 // refresh session if set maxAge 19 ctx.session.refresh() 20})
Options
Most options based on cookies
key: a string for store session id in cookiestore: a class for custom store (extend {Store}, func: #get(sid), #set(session, opts), #destory(sid))maxAge: a number representing the milliseconds fromDate.now()for expiryexpires: aDateobject indicating the cookie's expiration date (expires at the end of session by default).path: a string indicating the path of the cookie (/by default).domain: a string indicating the domain of the cookie (no default).secure: a boolean indicating whether the cookie is only to be sent over HTTPS (falseby default for HTTP,trueby default for HTTPS).httpOnly: a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (trueby default).sameSite: a boolean or string indicating whether the cookie is a "same site" cookie (falseby default). This can be set to'strict','lax', ortrue(which maps to'strict').signed: a boolean indicating whether the cookie is to be signed (falseby default). If this is true, another cookie of the same name with the.sigsuffix appended will also be sent, with a 27-byte url-safe base64 SHA1 value representing the hash of cookie-name=cookie-value against the first Keygrip key. This signature key is used to detect tampering the next time a cookie is received.overwrite: a boolean indicating whether to overwrite previously set cookies of the same name (falseby default). If this is true, all cookies set during the same request with the same name (regardless of path or domain) are filtered out of the Set-Cookie header when setting this cookie.
Methods
refresh(): if you setmaxAgein options, you can callctx.session.refresh()to refresh session to your store
License
MIT
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Score
3
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More