Session Management in Nodejs Using Redis as Session Store

The classic Hypertext Transfer Protocol (HTTP) is a stateless tool. This means every request that is sent from a single client is interpreted by the Web server independently and is not related to any other request. There is no inbuilt mechanism for the server to remember a specific user from different multiple requests, which also makes it impossible for the server to know if each request originated from the same user.

Session tracking enables you to track a user’s progress over multiple servlets or HTML pages, which, by nature, are stateless. A session is defined as a series of related browser requests that come from the same client during a certain time period. Session tracking ties together a series of browser requests — think of these requests as pages — that may have some meaning as a whole, such as a shopping cart application.

There are few types of session storing techniques

Here we are using the Memory (single-server, non-replicated persistent storage) to manage sessions. When you use memory-based storage, all session information is stored in memory and is lost when you stop and restart. Better to use a external persistence storage.

We are creating the session in our session store and the session ID is sent back to the client in a Cookie. Then this Cookie can be passed to server with each and every request to identify the particular client.

We can use express-session middleware to manage sessions in Nodejs. The session is stored in the express server itself. The default server-side session storage, MemoryStore, is purposely not designed for a production environment. It will leak memory under most conditions, does not scale past a single process, and is meant for debugging and developing. To manage multiple sessions for multiple users we have to create a global map and put each session object to it. Global variables in NodeJs are memory consuming and can prove to be terrible security holes in production level projects.

This can be solved by using external Session Store. We have to store every session in the store so that each one will belong to only a single user. One popular session store is built using the Redis.

We are building a simple user login using the sessions.

That is it. The express session with Redis store is working.

Redis is one of the popular key storage database systems. Using it to store session is not only beneficial in production environment but also it helps to improve the performance of the system.

Thank you for reading this post. If you do have any questions please add as a comment. I will definitely answer your questions. If you like this post, give a Cheer!!!

Happy Coding ❤

Related posts:

3D effects leave a memorable impression, making your website bright, vivid, and distinct. We use three-dimensional images and animation more and more, and not because it’s become trendy over the last…

Alexander the Great was king of Macedon from 336–323 BCE. A year into his reign over the kingdom, many Greeks revolted against their new ruler and declared independence from Macedonian leadership…

Blockchain is a decentralized, distributed and public digital ledger that is used to record transactions across many computers so that any involved record cannot be altered retroactively, without the…