AbstractProtectedrollingOptionalstorecalculateMaxAge calculates the max age of the session based on createdAt and the rolling and absolute durations.
AbstractdeleteDeletes the backing-store record for the session identified by the request cookies, without needing a response object. Used by IPSIE ceiling enforcement where only reqCookies are available (e.g. getSessionWithDomainCheck).
For stateless cookie sessions this is a no-op — the cookie is the session, and clearing it requires response cookies. Ceiling enforcement returns null on every read anyway, so the orphaned cookie is harmless until its natural max-age expires.
Subclasses that own a backing store (stateful) SHOULD override this to delete the store record by session ID for hygiene.
epoch returns the time since unix epoch in seconds.
AbstractgetAbstractsetsave adds the encrypted session cookie as a Set-Cookie header. If the iat property
is present on the session, then it will be used to compute the maxAge cookie value.
OptionalisNew: boolean
isRolling returns true if rolling sessions are enabled.