It's more for my understanding. Why is there a cookie object in the req.session in express? I use req.session to store the login status and username. The cookie object in req.session is the same as the cookie properties in the client cookie, placed by express.parseCookie but without sessionID. Can anyone explain why this is in there? It cant be for the purpose to identify cookie and session because thats already made by the cookie value and the session ID (req.session.ID), or am I'm wrong?
- req.session --> 
{ cookie: 
{ path: '/',
 _expires: null,
 originalMaxAge: null,
 httpOnly: true },
  loggedIn: true,
  username: 'luidpold' }
For convenience. It’s the cookie associated with the session, and you can query/modify it.
The session handler in Express comes from Connect. The documentation for Connect says:
Session#cookie
Each session has a unique cookie object accompany it. This allows you to alter the session cookie per visitor. For example we can set
req.session.cookie.expiresto false to enable the cookie to remain for only the duration of the user-agent.Session#maxAge
Alternatively
req.session.cookie.maxAgewill return the time remaining in milliseconds, which we may also re-assign a new value to adjust the.expiresproperty appropriately.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With