1

I am using a monitoring app which sends HTTP requests to my Node application (I can filter out these monitoring HTTP requests using the user agent via req.headers['user-agent']). I am using sessions in express as follows (using express-sessions):

app.use(express.session({ secret: 'adadafadgdgfgd34', cookie: {maxAge: new Date(Date.now() + 3600000)}, store: new (require('express-sessions'))({
storage: 'redis', instance: redisConnection, collection:'sessions', expire: 3600000 }) }));

Unless I am mistaken, the session & sessionID get generated as soon as the middleware gets hit. I am thinking of placing code before this middleware call to intercept/check the user agent and only call this session code if its a regular user agent (i.e. not coming from an automated monitor with a non-standard user agent) though I do not think I can use req.headers call there. Is there any other approach to better handle this scenario (or a module/library I can use)? The end goal is to avoid storing the monitoring server HTTP requests from generating a new session every time it hits my app and avoid storing it in redis (I would prefer not to change the monitoring server if possible).

ali haider
  • 19,175
  • 17
  • 80
  • 149
  • Just to clear things session is generated when request is hit first. Subsequent requests do not generate session as cookie is set on user. If the user clears cookies or does not use them, only then it will be generated again. – user568109 Jan 14 '14 at 04:52
  • yes I know - the cookie is not used by the monitoring app and hence a session is generated which I am trying to prevent (but want to generate a session for regular users). – ali haider Jan 14 '14 at 12:58
  • 1
    A better/cleaner way would be send something unique in your requests, either a header or cookie or body and detect it early enough in the middleware chain. Otherwise use a special route like here http://stackoverflow.com/questions/11650489/express-js-sessions-activated-on-a-subset-of-routes – user568109 Jan 14 '14 at 13:55

0 Answers0