Express.js and EJS: Configuring Session Storage with Mongoose


Configuring session storage with Express.js and Mongoose involves using MongoDB to store session data. This is beneficial for applications requiring persistent session data across server restarts and scalable session management. Here’s how you can set it up:

1. Install Required Packages

You need the following packages:

  • express-session: Middleware for handling sessions in Express.
  • connect-mongo: MongoDB session store for express-session.
  • mongoose: MongoDB object modeling tool (you might already have it if you’re using MongoDB with Mongoose).

Install these packages via npm:

npm install express-session connect-mongo mongoose

2. Set Up MongoDB Connection with Mongoose

First, configure Mongoose to connect to your MongoDB database.

    const mongoose = require('mongoose');

    mongoose.connect('mongodb://localhost:27017/your-database', {
      useNewUrlParser: true,
      useUnifiedTopology: true
    }).then(() => {
      console.log('Connected to MongoDB');
    }).catch(err => {
      console.error('Failed to connect to MongoDB', err);
    });

Replace 'mongodb://localhost:27017/your-database' with your MongoDB connection string.

3. Configure Session Storage

Set up express-session and connect-mongo to use MongoDB for session storage.

    const express = require('express');
    const session = require('express-session');
    const MongoStore = require('connect-mongo');
    const mongoose = require('mongoose');
    const path = require('path');

    const app = express();

    // Connect to MongoDB
    mongoose.connect('mongodb://localhost:27017/your-database', {
      useNewUrlParser: true,
      useUnifiedTopology: true
    });

    // Parse URL-encoded form bodies so req.body is populated for POST /login
    app.use(express.urlencoded({ extended: false }));

    // Configure session middleware
    app.use(session({
      secret: 'your-secret-key', // Replace with a secure secret key
      resave: false,
      saveUninitialized: false,
      store: MongoStore.create({
        mongoUrl: 'mongodb://localhost:27017/your-database', // Replace with your MongoDB URI
        collectionName: 'sessions' // Optional: Default collection name for storing sessions
      }),
      cookie: {
        secure: false, // Set to true if using HTTPS
        maxAge: 24 * 60 * 60 * 1000 // Session expiration time (1 day)
      }
    }));

    // Set the view engine to EJS
    app.set('view engine', 'ejs');
    app.set('views', path.join(__dirname, 'views'));

    // Example route
    app.get('/', (req, res) => {
      const userName = req.session.userName || 'Guest';
      res.render('index', { userName });
    });

    // Route to handle login
    app.post('/login', (req, res) => {
      req.session.userName = req.body.userName;
      res.redirect('/');
    });

    // Route to handle logout
    app.get('/logout', (req, res) => {
      req.session.destroy((err) => {
        if (err) {
          return res.redirect('/');
        }
        res.redirect('/');
      });
    });

    app.listen(3000, () => {
      console.log('Server is running on http://localhost:3000');
    });

4. Handling Session Data

You can use session data in your routes and EJS templates to personalize the user experience.

In Route Handlers:

    app.post('/login', (req, res) => {
      req.session.userName = req.body.userName; // Store userName in session
      res.redirect('/');
    });

    app.get('/logout', (req, res) => {
      req.session.destroy((err) => { // Destroy session
        if (err) {
          return res.redirect('/');
        }
        res.redirect('/');
      });
    });

In EJS Templates:

    <!DOCTYPE html>
    <html lang="en">
    <head>
      <meta charset="UTF-8">
      <meta name="viewport" content="width=device-width, initial-scale=1.0">
      <title>Home Page</title>
    </head>
    <body>
      <h1>Welcome, <%= userName %>!</h1>
      <% if (userName !== 'Guest') { %>
        <a href="/logout">Logout</a>
      <% } else { %>
        <form action="/login" method="POST">
          <input type="text" name="userName" placeholder="Enter your name" required>
          <button type="submit">Login</button>
        </form>
      <% } %>
    </body>
    </html>

5. Testing and Verifying

  • Login: Submit the login form to create a session.
  • Navigate: Check if session data persists across different routes and requests.
  • Logout: Ensure the session is destroyed and the user is redirected appropriately.

6. Security Considerations

  • secret: Ensure the secret is a strong, unique value.
  • secure: Set cookie.secure to true in production when using HTTPS to ensure cookies are only sent over secure connections.
  • Session Expiration: Adjust cookie.maxAge according to your application's needs.
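
The settings listed above, gathered into one options builder and paired with a login handler that regenerates the session ID, as an added example that is not part of the original tutorial. SESSION_SECRET, buildSessionOptions and login are names assumed for illustration; httpOnly, sameSite and req.session.regenerate() are express-session features the tutorial code does not use.

```javascript
// Added example (not from the tutorial). SESSION_SECRET is an assumed variable name.

// Build the options object for session(); the caller supplies the store,
// e.g. MongoStore.create({ mongoUrl, collectionName: 'sessions' }).
function buildSessionOptions(env, store) {
  const secret = env.SESSION_SECRET || '';
  // Length check only: it rejects placeholders such as 'your-secret-key'
  // but cannot measure randomness, so generate the value, do not invent it.
  if (secret.length < 32) {
    throw new Error('SESSION_SECRET must be set to a random value of 32+ characters');
  }
  return {
    secret,
    resave: false,
    saveUninitialized: false,
    store,
    cookie: {
      secure: env.NODE_ENV === 'production', // HTTPS-only cookie in production
      httpOnly: true,                        // hidden from document.cookie
      sameSite: 'lax',                       // withheld from cross-site POSTs
      maxAge: 24 * 60 * 60 * 1000            // 1 day, as in the tutorial
    }
  };
}

// Login handler that asks express-session for a fresh session ID before
// storing userName, so an ID issued before login is not reused afterwards.
function login(req, res, next) {
  const body = req.body || {}; // undefined when no body parser is installed
  const userName = String(body.userName || '').trim().slice(0, 64);
  if (!userName) return res.redirect('/');
  req.session.regenerate((err) => {
    if (err) return next(err);
    req.session.userName = userName;
    // Persist before redirecting so the next request sees the new session.
    req.session.save((saveErr) => (saveErr ? next(saveErr) : res.redirect('/')));
  });
}

// Wiring, assuming the app and MongoStore from step 3:
//   app.use(session(buildSessionOptions(process.env, MongoStore.create({ mongoUrl }))));
//   app.post('/login', login);
```

Behind a TLS-terminating reverse proxy, express-session only sets a secure cookie when Express trusts the proxy, for example with app.set('trust proxy', 1).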

Summary

  1. Install Packages: Use express-session, connect-mongo, and mongoose to handle session storage with MongoDB.
  2. Connect to MongoDB: Use Mongoose to connect to your MongoDB database.
  3. Configure Session Middleware: Set up express-session with connect-mongo to use MongoDB for session storage.
  4. Manage Sessions: Use session data in your route handlers and EJS templates to provide a personalized experience.
  5. Ensure Security: Implement proper security settings, including HTTPS and strong session secrets.