Closed
Description
Description
Session maxAge gets disregarded when using cluster mode along with express-session and connect-redis.
The session TTL from the cookie.maxAge is not applied.
When I switch out for ioredis, it works as expected. It also works when I have a single node using the createClient constructor.
To recreate:
- Start up a cluster. I used the create cluster script to achieve this.
- Dependencies:
"connect-redis": "^7.1.0",
"express": "^4.18.2",
"express-session": "^1.17.3",
"redis": "^4.6.11",
- Run the following code and visit http://localhost:3000/
import RedisStore from "connect-redis";
import session from "express-session";
import { createCluster } from "redis";
import express from "express";
const app = express();
const redisClient = createCluster({
rootNodes: [
{
socket: {
host: "127.0.0.1",
port: 7001,
},
},
],
useReplicas: true,
});
redisClient.connect().catch(console.error);
let redisStore = new RedisStore({
client: redisClient,
prefix: "myapp:",
});
app.use(
session({
store: redisStore,
resave: true,
saveUninitialized: false,
secret: "mysecret",
cookie: {
secure: false,
httpOnly: false,
maxAge: 30 * 1000, // 30 seconds
},
})
);
app.get("/", (req, res) => {
const sess = req.session;
(sess as any).userId = "87098798";
(sess as any).otherData = "abc";
res.send("Hello World!");
});
app.listen(3000, () => {
console.log(`Example app listening on port 3000`);
});- Inspect your redis store and you can see that the TTL has no limit
Node.js Version
18.17.0
Redis Server Version
7.2.3
Node Redis Version
4.6.11
Platform
macOS
Logs
No response