node.js - Node session cookie that expires -


is possible create session cookie (one automatically deleted when browser closes) , has expiration expire after set time, let's 15 minutes unless user continues using site? if use site, i'd reset expiration lasts 15 minutes.

i've had luck either creating session cookie expires when browser closed or stays around persistent cookie has expiration either using expires or maxage arguments.

the thing can think of create session cookie has timestamp value stored in , in session middleware, check of current time > timestamp value , deny request , delete cookie setting null. if current time <= timestamp updating timestamp new date extending session timeout.

while idea may work, makes me think there more official way of accomplishing want.

i'm experimenting node , express insight tailored build-out appreciated.

because way create session cookie leave out expiration, can't single cookie.

but, can 2 cookies, 1 session cookie , 1 expiring cookie. here's logic doing 2 cookies:

  1. create random number.
  2. create session cookie such session=randomnumber.
  3. create second cookie expiry=randomnumber expires in 15 minutes.
  4. have code check see both cookies exist , contain same random number.

if browser closed, session cookie deleted. if 15 minutes passes, second cookie deleted. if browser closed , reopened, there won't session cookie , if coin one, second cookie won't have same random number in it.

by checking presence of both cookies, you're making sure both conditions have been met.

and, if want 15 minute cookie continually refresh on page load, can have server recreate cookie on each page load new fresh time 15 minutes now.


Comments

Popular posts from this blog

commonjs - How to write a typescript definition file for a node module that exports a function? -

openid - Okta: Failed to get authorization code through API call -

ios - Change Storyboard View using Seague -