I'm wanting to keep items in req.session in memory, but not store them against the sessions DB table for security reasons. But it seems that this module stores everything in the session object into the DB.

Is there any way of choosing to say, "ignore req.session.foo as that is private information, and store it only in-memory"?

Thanks in advance

I think this is outside the scope of this project. I suggest to use a combination of custom middleware and Map to store secondary (in-memory only) data that maps to each session ID.

Thanks for the response. I chose to store the data within browser memory instead!