9

It is unclear what are the correct configuration parameters to use are in the situation of using Redis Cloud and Heroku, and can't find a functioning example online.

Here is my current code:

const express = require('express')
const session = require('express-session')
const RedisStore = require('connect-redis')(session);
...
const server = express()

server.use(bodyParser.json())
server.use(bodyParser.urlencoded({ extended: false }))

server.use(cookieParser())

server.use(session({
  secret: token_secret,
  // create new redis store.
  store: new RedisStore({ url: 'redis://rediscloud:...@...redislabs.com:11111'}),
  resave: true,
  saveUninitialized: true
}));

Should I have resave and saveUnitialized set to true or false in the case of Redis Cloud and Heroku as the session store (using express-session)?

Additionally, does the cookieParser affect the session and need to be there? Or is that separate and only to parse the cookie that is coming from the client, and unrelated to the server-side session storage with Redis? Also, should the cookie parser have a secret passed into the function?

And finally, should bodyParser come before or after the server.use(session), and should urlencoded extended be set to true or false?

HelpMeStackOverflowMyOnlyHope
  • 4,852
  • 10
  • 32
  • 49
  • Did this snippet work for you or not? If it didn't what was the observed behaviour and what was expected? –  Aug 23 '17 at 04:57

1 Answers1

0

Let's go by parts, as Jack the Ripper said...

It is unclear what are the correct configuration parameters to use are in the situation of using Redis Cloud and Heroku, and can't find a functioning example online.

RedisCloud on Heroku (Node Express Example) @ GitHub

Should I have resave and saveUnitialized set to true or false in the case of Redis Cloud and Heroku as the session store (using express-session)?

app.use(expressSession({resave: false, saveUninitialized: false})) reduces the number of times the session store will be accessed. This benefits hardware resources and performance (Normally is better to set them to false).

Additionally, does the cookieParser affect the session and need to be there?

Not anymore : express-session middleware, used to require cookie-parser, (but the current version of express-session reads/writes cookies directly).

And finally, should bodyParser come before or after the server.use(session)

The body-parser middleware parses the bodies of incoming HTTP requests. Populating the req.body property which is then available in your routes and middlewares. So the order doesn't influence the behaviour.

and should urlencoded extended be set to true or false?

The parsers you will need depend on the request types your server has to deal with.

The difference regarding extended: false and extended: true is already explained in this answer.

EMX
  • 6,066
  • 1
  • 25
  • 32