Configuration parameters used for the application session.
Integer value, in seconds, for application absolute rolling duration.
The amount of time after the user has logged in that they will be logged out.
Set this to
false if you don't want an absolute duration on your session.
Default is 604800 seconds (7 days).
Configuration parameters used for the session cookie and transient cookies.
A Function for generating a session id when using a custom session store. For full details see the documentation for express-session at genid. If encrypted cookie storage is used or no value is provided, a default implementation is used. Be aware the default implmentation is slightly different in this library as compared to the default session id generation used express-session.
String value for the cookie name used for the internal session.
This value must only include letters, numbers, and underscores.
If you want your session duration to be rolling, eg reset everytime the
user is active on your site, set this to a
true. If you want the session
duration to be absolute, where the user is logged out a fixed time after login,
regardless of activity, set this to
Integer value, in seconds, for application session rolling duration. The amount of time for which the user must be idle for then to be logged out. Default is 86400 seconds (1 day).
By default the session is stored in an encrypted cookie. But when the session
gets too large it can bump up against the limits of cookie storage.
In these instances you can use a custom session store. The store should
destroy methods, making it compatible
with express-session stores.