Package Exports

hapi-server-session

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (hapi-server-session) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

hapi-server-session

Simple server-side session support for hapi

Install

$ npm install hapi-server-session

Example

'use strict';

const hapi = require('hapi');

const server = new hapi.Server();

server.connection({
  host: 'localhost',
  address: '127.0.0.1',
  port: 8000,
});

server.register({
  register: require('hapi-server-session'),
  options: {
    cookie: {
      isSecure: false,
    },
  },
}, function (err) { if (err) { throw err; } });

server.route({
  method: 'GET',
  path: '/',
  handler: function (request, reply) {
    request.session.views = request.session.views + 1 || 1;
    reply('Views: ' + request.session.views);
  },
});

server.start();

Options

algorithm: [Default: 'sha256'] algorithm to use during signing
cache: supports the same options as server.cache(options)
- expiresIn: [Default: session id expiresIn if set or 2147483647] session cache expiration in milliseconds
- segment: [Default: 'session'] session cache segment
cookie: supports the same options as server.state(name, [options])
- isHttpOnly: [Default: true] sets the HttpOnly flag
- isSecure: [Default: true] sets the secure flag. Should never be set to false in production
expiresIn: session id expiration in milliseconds. Prevents intercepted cookies from working perpetually. Requires key
name: [Default: 'id'] name of the cookie
key: signing key. Prevents weaknesses in randomness from affecting overall security
size: [Default: 16] number of random bytes in the session id