This eventually forces your store not to store the session object because it hasn't been modified i.e left uninitialized. So it entirely depends on the session store that you're using if you need to enable this option or not.ġ.When you set saveUninitialized to false, and if your created Session Object isn't modified i.e left empty, then you won't be able to see connect.sid on your browser cookies.
#EXPRESS SESSION IN NODE JS DRIVER#
If a session store driver doesn't implement the touch command, then you should enable resave so that even when a session wasn't changed during a request, it is still updated in the store (thereby marking it active). What this does is tell the session store that a particular session is still active, which is necessary because some stores will delete idle (unused) sessions after some time. You'd be able to recognize such a visitor because they send the session cookie containing the unique id.Ībout resave: this may have to be enabled for session stores that don't support the "touch" command. When do you want to enable this? When you want to be able to identify recurring visitors, for example. Since there's nothing useful to store, the session is "forgotten" at the end of the request. The reasoning behind this is that this will prevent a lot of empty session objects being stored in the session store.
If during the lifetime of the request the session object isn't modified then, at the end of the request and when saveUninitialized is false, the (still empty, because unmodified) session object will not be stored in the session store.
0 kommentar(er)
