You can store the session content in external stores (Redis, MongoDB or other DBs) by passing options.store with three methods (these need to be async functions):

get(key, maxAge, { rolling }): get session object by key
set(key, sess, maxAge, { rolling, changed }): set session object for key, with a maxAge (in ms)
destroy(key): destroy session for key

这里不能获取失效的key

方法1：
app.on('session:expired', ({ key, value, ctx }) => {store. destroy(key)})
方法2：
在store的get方法中判断是否过期，过期就删除

const stroe = {
    async get(key, maxAge, {rolling}) {
         let session = {/*mysql 查询*/};
         if (session._expire < Date.now()) {
            this. destroy(key)
            session = null
         }
         return session;
    }
}

@ysk2014
方法一好像cookie过期了也不会被触发

代码里是每次请求的时候都会去验证是否过期，你看看你的session对象中是否有_expire这个字段？