How to handle session information in Express.js

I will show you how to process session information with Express.js. I will also post the code on Git Hub, so please refer to it.

overview

In Express.js, processing session information is done inside middleware functions. A request object and a response object are passed as arguments to the middleware function. Use these objects to retrieve session-related data, generate responses, and so on.

Here, I will explain how to handle sessions with Express.js using the following versions.

Express.js v4.17.1
nodejs v19.7.0
express-session v1.17.2

In addition, all the code created this time is posted on GitHub.

In this article, we use the express-session module, so please enter the following command to install express-session.

npm install express-session

How to get session information

Use the express-session middleware and the request object to get information about the session. express-session parses session information included in requests from clients. The parsed session is stored in the session property of the request object.

The sample code below is an example for understanding sessions in Express.js. Receive a GET request, access the session contained in the request, and return a response containing those values.

session.js

const express = require('express');
const session = require('express-session');
const app = express();

app. use(session({
  secret: 'your secret',
  save: false,
  saveUninitialized: true,
  cookies: { secure: true }
}));

app.get('/', (req, res) => {
  // get session
  const sess = request.session;

  const response = {
    session: sess
  };

  res.json(response);
});

app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

Commentary

  • Create an instance of express and express-session
const express = require('express');
const session = require('express-session');
const app = express();

Import the express and express-session modules and create an instance of them.

  • Using express-session middleware functions
app. use(session({
  secret: 'your secret',
  save: false,
  saveUninitialized: true,
  cookies: { secure: true }
}));

Use express-session’s middleware functions. This will automatically parse the session information included in the request and store it in req.session.

  • Defining route handlers
app.get('/', (req, res) => {
  // get session
  const sess = request.session;

  const response = {
    session: sess
  };

  res.json(response);
});

Handles GET requests to the root (’/’). When a request comes in, get the session information included in the request and return an object containing it in JSON format as a response.

  • Start server
app.listen(3000, () => {
  console.log('Server is running on port 3000');
});

Start the server with an instance of Express listening on port 3000. When the server starts, print the message “Server is running on port 3000” to the console.

test 

curl http://localhost:3000

This command sends a request containing session information.

summary

In this article, we introduced how to handle session information using Express.js. Specifically, it showed how to use the express-session middleware to retrieve the session information included in the request and return it as a response. Session information plays a very important role in web applications, so it’s important to understand its handling. I hope this article helps you understand it.

← How Fastify handles cookie information
How to use guards and implement authentication →