cleanup store event listeners when process has completed #949
Conversation
| @@ -187,16 +198,21 @@ function session(options) { | |||
| // the store has temporarily disconnected etc | |||
| if (!storeReady) { | |||
| debug('store is disconnected') | |||
| cleanEventListeners(); | |||
There was a problem hiding this comment.
So if a request comes in when the store is not ready, and this removes the listener to make it ready again, then how will the session ever work again? It seems like if the store disconnects and if one request just happened to come in while disconnected, express-session will then never think the store is ever ready again until the entire process is restarted? That seems like a large issue. But I am just starting to take a look at the changes, so maybe I am mistaken. I marked tests are needed, as we'll want to have tests that cover all these new code paths added and probably the scenario I described above too.
| @@ -476,16 +492,18 @@ function session(options) { | |||
| if (!req.sessionID) { | |||
| debug('no SID sent, generating session'); | |||
| generate(); | |||
| cleanEventListeners(); | |||
There was a problem hiding this comment.
Why would we remove the event listeners on the store for this condition, which is that a request came in without a session cookie on it? When would they ever get added back so we know when the store becomes disconnected?
Why are you creating a new import { NextFunction, Request, Response } from "express";
import session from "express-session";
import env from "../../config/validateEnv";
import sequelize from "../../db/pgsql";
const SequelizeStore = require("connect-session-sequelize")(session.Store);
const sessionStore = new SequelizeStore({
db: sequelize,
tableName: "user_sessions",
});
const sessionMiddleware = session({
secret: env.EXPRESS_SESSIONS_SECRET,
store: sessionStore,
cookie: {
maxAge: 1000 * 60 * 60 * 24 * 7, // Equals 7 days (7 days * 24 hr/1 day * 60 min/1 hr * 60 sec/1 min * 1000 ms / 1 sec)
},
resave: false,
saveUninitialized: false,
});
export { sessionMiddleware, sessionStore }; |
Thanks for the reply @dougwilson, the issue seems to be resolved through this only. Thanks! Closing the PR now. |
When I connected the PostgreSQL store using connect-session-sequelize, and made session authentication request 11 times (for example - hitting /my-protected-route consecutively), then I get the following warning:
Here is the file that I am working on: link
How I am trying to resolve that issue?
Answer: Whenever we use the express-session middleware and move on to next(), we cleanup the event listeners