express session key property express session key property express express

express session key property


session express

express.session uses connect.session underneath; if you look at its documentation, it will use connect.sid as a default key in case you don't provide one yourself:

Options:

  • key cookie name defaulting to connect.sid
  • ...

session express

@robertklep's answer is out of date:

A session key is now mandatory. You must provided it and the defense of the secrets contained within are dependent on selecting a good key. My recommendation is selecting a key with sufficient entropy (128 bits) and periodically changing it.

see: https://github.com/expressjs/session/blob/master/test/session.js#L38

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last