From f9618aff6fc749b17a429c219687c6bf13b0154a Mon Sep 17 00:00:00 2001
From: Joe Lanman
Date: Wed, 18 May 2016 18:42:57 +0100
Subject: [PATCH 1/3] add session support
---
 package.json | 1 +
 server.js | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/package.json b/package.json
index e00cd56fee..96c23d4318 100644
--- a/package.json
+++ b/package.json
@@ -17,6 +17,7 @@
 "consolidate": "0.x",
 "express": "4.13.3",
 "express-nunjucks": "^0.9.3",
+ "express-session": "^1.13.0",
 "express-writer": "0.0.4",
 "govuk-elements-sass": "1.2.0",
 "govuk_frontend_toolkit": "^4.12.0",
diff --git a/server.js b/server.js
index 3b588f9758..659ab404a7 100644
--- a/server.js
+++ b/server.js
@@ -1,12 +1,13 @@
 var path = require('path'),
 express = require('express'),
- browserSync = require('browser-sync'),
+ session = require('express-session'),
 nunjucks = require('express-nunjucks'),
 routes = require(__dirname + '/app/routes.js'),
 favicon = require('serve-favicon'),
 app = express(),
 basicAuth = require('basic-auth'),
 bodyParser = require('body-parser'),
+ browserSync = require('browser-sync'),
 config = require(__dirname + '/app/config.js'),
 port = (process.env.PORT || config.port),
 utils = require(__dirname + '/lib/utils.js'),
@@ -66,6 +67,13 @@ app.use(bodyParser.urlencoded({
 extended: true
 }));

+// Support session data
+app.use(session({
+ resave: false,
+ saveUninitialized: false,
+ secret: 'prototype-kit'
+}));
+
 // send assetPath to all views
 app.use(function (req, res, next) {
 res.locals.asset_path="/public/";
From dab87b64e1157ad121dc5bd0420b4b13347ff861 Mon Sep 17 00:00:00 2001
From: Joe Lanman
Date: Wed, 18 May 2016 18:58:00 +0100
Subject: [PATCH 2/3] make random secret for session cookie
---
 server.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server.js b/server.js
index 659ab404a7..846078ad83 100644
--- a/server.js
+++ b/server.js
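Review bot: The `session({...})` call added to server.js in PATCH 1/3 (hunk `@@ -66,6 +67,13 @@`) sets neither `store` nor `cookie`, so it runs on express-session's default MemoryStore and issues a cookie without the `secure` flag. The express-session README describes MemoryStore as a development aid: it does not scale past one process and its memory use grows with the number of sessions. A comment above the call would set expectations for anyone who deploys a prototype, for example `// Sessions live in process memory: lost on restart, not suitable for real user data`. If prototypes are served over HTTPS (not visible from this hunk), `cookie: { secure: true }` together with `app.set('trust proxy', 1)` behind a proxy is worth considering.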
@@ -71,7 +71,7 @@ app.use(bodyParser.urlencoded({
 app.use(session({
 resave: false,
 saveUninitialized: false,
- secret: 'prototype-kit'
+ secret: Math.round(Math.random()*100000).toString()
 }));

 // send assetPath to all views
From e9d5a39636163123db39688dddd770011563491d Mon Sep 17 00:00:00 2001
From: Joe Lanman
Date: Tue, 14 Jun 2016 18:49:18 +0100
Subject: [PATCH 3/3] session docs
---
 docs/README.md | 1 +
 docs/session.md | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 docs/session.md
diff --git a/docs/README.md b/docs/README.md
index d8321b5d79..a8340dc81e 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -24,3 +24,4 @@ Installation guide for developers (technical):
 - [Updating the kit to the latest version](updating-the-kit.md)
 - [Tips and tricks](tips-and-tricks.md)
 - [Creating routes (server-side programming)](creating-routes.md)
+- [Storing data in session](session.md)
diff --git a/docs/session.md b/docs/session.md
new file mode 100644
index 0000000000..d9a4ce9632
--- /dev/null
+++ b/docs/session.md
@@ -0,0 +1,23 @@
+# Storing data in session
+
+**Advanced topic**
+
+If you need to store data for each user, the best way to do it is using session data.
+
+This means that if more than one person is using your prototype, their data will not get mixed up.
+
+The easiest way to clear session data is to use 'Incognito mode' for each user, and close that window when you're done.
+
+## How to use
+
+In a route function, refer to `req.session`.
+
+For example you might have `req.session.over18` or `req.session.firstName`.
+
+You can see a full example here:
+
+[https://github.com/expressjs/session#example](https://github.com/expressjs/session#example)
+
+You can read more about Express Session here:
+
+[https://github.com/expressjs/session](https://github.com/expressjs/session)
\ No newline at end of file
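Review bot: The replacement `secret` in server.js (PATCH 2/3, hunk `@@ -71,7 +71,7 @@`) comes from `Math.random()` and can take only about 100,000 values, so the key that signs the session cookie is produced by a non-cryptographic generator and is small enough to recover by exhaustive search. Node's CSPRNG fits on the same line: `secret: require('crypto').randomBytes(32).toString('hex')`. The value is also regenerated on every start, so cookies issued before a restart stop verifying, and if more than one process serves the app each would sign with a different key. Reading the secret from an environment variable, with the random value as the fallback, avoids that. A short comment on the line saying the secret is per-process by design would help the next reader.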