NodeJs Tutorials

Home » NodeJs »

How to store session data in mysql database Using NodeJs?

A session creates a unique ID for every user and store on the browser as a cookie and stores some information of the user in the server. Whenever that user makes a request, the server will match a user information with the stored session data.

Why storing sessions in a Database?

Sessions create unique id for each visitor. When you save data into the session, the session will store this information into a specific file on the server. The unique id is also stored as a cookie on your browser. in that case One problem you may encounter with storing sessions in a file system on the server is using a shared hosting plan. In this case, if the server is not configured correctly, it would be possible for someone to get access to your Sessions data.

Store session in MySQL Database

Express-mysql-session module is used to store session data in MySQL database. This module creates a database table to save session data, but if you are using an older version of MySQL than MySQL 5.5.3, create your sessions table before initializing the MySQLStore.

File Name :

install express-mysql-session for session data store in MySql Database.

npm install --save express-session
npm install --save express-mysql-session

https://devdotcode.com/how-to-store-session-in-mysql-database-using-express-mysql-session/

It create a MySQL connection pool that handles the connection to the database. The pool consists of 1 connection by default, but you can override this using the connectionLimit option.

File Name :

const mysqlStore = require('express-mysql-session')(session);
const sessionStore = new mysqlStore(options);

Create Server.js

File Name : Server.js

Table create

The sessions database table should be automatically created using default options, which means setting the createDatabaseTable option to TRUE. If the table is not created for whatever reason, you can use the following schema to create it.

File Name :

CREATE TABLE IF NOT EXISTS `sessions` (
`session_id` varchar(128) COLLATE utf8mb4_bin NOT NULL,
`expires` int(11) unsigned NOT NULL,
`data` mediumtext COLLATE utf8mb4_bin,
PRIMARY KEY (`session_id`)
) ENGINE=InnoDB

For a custom database table schema, you have to set the createDatabaseTable option to FALSE. So the session store does not automatically create a sessions table, and then you use the schema option to provide the custom table and column names to the session store.

File Name :

const options ={
connectionLimit: 10,
password: process.env.DB_PASS,
user: process.env.DB_USER,
database: process.env.MYSQL_DB,
host: process.env.DB_HOST,
port: process.env.DB_PORT,
createDatabaseTable: FALSE,
schema: {
tableName: 'custom_sessions_table_name',
columnNames: {
session_id: 'custom_session_id',
expires: 'custom_expires_column_name',
data: 'custom_data_column_name'
}
}

}

.ENV

File Name :

APP_PORT = 3000 DB_PORT = 3306 DB_HOST = localhost DB_USER = root DB_PASS = yourpassword MYSQL_DB = yourdatabasename SESS_LIFETIME = TWO_HOURS NODE_ENV = 'development' SESS_NAME = 'enter_the_session_name' SESS_SECRET = 'yoursecret'

Set the express-session object

File Name :

app.use(session({
name: process.env.SESS_NAME,
resave: false,
saveUninitialized: false,
store: sessionStore,
secret: process.env.SESS_SECRET,
cookie: {
httpOnly: true,

maxAge: Three_HOURS,
sameSite: true,
secure: IN_PROD
}
}))

Name :- The default one is just called ID. but you write your unique session name. so people don't know the cookie name you are using this library.

session secret :- you choose session secret code is unique and it is better to keep it in your environment Variables file. Then we will get it from the environment file instead of just having the secret in server.js because it is not a good practice to have your secrets in your source code.

resave :- you don t want to resave their session every single time, you can turn that on, but we are just going to keep it off because we only really need to store it once and then just update it if we want to; we don’t need to save every time.

saveUninitialized :- if we don't want to store anything about the user or we don't create a cookie for the user then set false.

cookies:- set httponly is true. because it is very important. when it is true then JavaScript cannot access your cookie. which is essential for security.

secure :- secure: process.env.NODE_ENV === "production". The secure is for HTTPS so that it will send the cookie over HTTPS. This setting is crucial for production, and you should run HTTPS for production, so this shouldn’t be a problem. To check whether we are production if we are, we turn it on, and if we are not running HTTPS in development, we turn it off.

store session in MySQL database

File Name : server.js

const mysql = require('mysql');
// create your connection pool
const pool = mysql.createPool(options);

Complete Code

File Name : server.js

File Name :

Itechtuto

NodeJs Tutorials

How to store session data in mysql database Using NodeJs?

File Name :

File Name :

File Name : Server.js

File Name :

File Name :

File Name :

File Name :

File Name : server.js

File Name : server.js

File Name :

File Name :

File Name :

File Name :

File Name :

File Name :

Connect Us Socially:

Quick Links