npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@scayle/h3-session

v0.4.0

Published

Persistent sessions for h3

Downloads

7,769

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

ay-henribeckay-henribecklukas-matejka-scaylelukas-matejka-scaylescayle-automationscayle-automation

Keywords

Readme

@scayle/h3-session

npm version npm downloads License

Persistent sessions for h3. Based on express-session.

Installation

# Using pnpm
pnpm add @scayle/h3-session

# Using yarn
yarn add @scayle/h3-session

# Using npm
npm install @scayle/h3-session

Usage

import { UnstorageSessionStore, useSession } from '@scayle/h3-session'
import { createStorage } from 'unstorage'

const DEFAULT_TTL = 60 * 60 * 24

const redisStore = UnstorageSessionStore(
  createStorage({
    driver: redisDriver({
      host: 'localhost',
      port: 6379,
    }),
  }),
  {
    ttl: DEFAULT_TTL,
  },
)

export default defineEventHandler(async (event) => {
  await useSession(event, {
    store: redisStore,
    secret: 'my-secret',
  })

  const sessionId = event.context.sessionId
  const sessionData = event.context.session.data
})

useSession options

The following options can be passed as the second argument to useSession. store and secret must be defined.

interface H3SessionOptions {
  // Where session data will be stored
  store: SessionStore

  // Settings for configuring the session cookie
  // Cookies are serialized with [`cookie-es`](https://github.com/unjs/cookie-es).
  // The default value is { path: '/', httpOnly: true, secure: true, maxAge: null }.
  cookie?: {
    domain?: string
    expires?: Date
    httpOnly?: boolean
    maxAge?: number
    path?: string
    sameSite?: true | false | 'lax' | 'none' | 'strict'
    secure?: boolean
  }

  // The name of the session cookie. Defaults to 'connect.sid'
  name?: string

  // Function to generate a session ID. Defaults to randomUUID
  genid?: (event: H3Event) => string

  // Function to generate new session data
  generate?: () => SessionDataT

  // Should the session be automatically saved on initialization?
  saveUninitialized?: boolean

  // Secret(s) to use for cookie signing
  secret: string | string[]
}

Session object

useSession attaches a Session object to event.context.session. The Session object has several methods along with an id property containing the session's ID, a data property which contains the session's data and a cookie property representing the session's cookie.

Session.save()

Save the session to the store. Unlike express-session, session data is not saved automatically when it is changed, so this function should be called after modifying the session or at the end of the request.

Session.reload()

Reload the session's data from the store.

Session.destroy()

Destroy the session by removing its data from the store and deleting the cookie.

Session.regenerate()

Recreate the session with a new ID and empty data.

SessionCookie

The cookie property on the session can be used to control the session's cookie. Any of the cookie serialization options such as maxAge or domain can be edited and will affect the Set-Cookie header sent in the response. Additionally, setSessionId(sid: string) can be called to update the cookie's value with a new session ID.

SessionStore

Any object implementing the SessionStore interface can be used as the store option.

There is an included UnstorageSessionStore class to create SessionStore backed by an unstorage provider. To avoid accumulating dead sessions, use a driver (such as redis) which supports the ttl option.

A reference to the store is added to event.context.sessionStore to enable manual management of the session data. (e.g. clearing all saved sessions)

Cookie signing

The value of the session cookie is a signed variant of the session's ID. The format is s:[sessionID].[signature]. e.g. s:7247d6e9-8ddb-4005-988b-9aa82bd7d6d5.lERU16bdv6tojUNeM8V2UOARyNxHNaWKIYi4bLRxx7o. This matches the format used by express-session, so existing sessions can be preserved when migrating.

The secret used for signing cookies is set in the options of useSession. It can be a string or string[]. When specified as an array, the last item will be used for signing new session cookies, but all secrets will be used to verify existing cookies. This allows changing the signing secret without invalidating existing sessions.

Typing

The type of the session data can be specified by augmenting the SessionDataT interface.

declare module '@scayle/h3-session' {
  export interface SessionDataT {
    userId: string
    token: string
  }
}