Simple server-side session support for hapi
$ npm install hapi-server-session
'use strict';
const hapi = require('hapi');
const server = new hapi.Server();
server.connection({
host: 'localhost',
address: '127.0.0.1',
port: 8000,
});
server.register({
register: require('hapi-server-session'),
options: {
cookie: {
isSecure: false,
},
},
}, function (err) { if (err) { throw err; } });
server.route({
method: 'GET',
path: '/',
handler: function (request, reply) {
request.session.views = request.session.views + 1 || 1;
reply('Views: ' + request.session.views);
},
});
server.start();
algorithm
: [Default:'sha256'
] algorithm to use during signingcache
: supports the same options asserver.cache(options)
expiresIn
: [Default: session idexpiresIn
if set or2147483647
] session cache expiration in millisecondssegment
: [Default:'session'
] session cache segment
cookie
: supports the same options asserver.state(name, [options])
isHttpOnly
: [Default:true
] sets the HttpOnly flagisSecure
: [Default:true
] sets the secure flag. Should never be set tofalse
in production
expiresIn
: session id expiration in milliseconds. Prevents intercepted cookies from working perpetually. Requireskey
name
: [Default:'id'
] name of the cookiekey
: signing key. Prevents weaknesses in randomness from affecting overall securitysize
: [Default:16
] number of random bytes in the session id