Using latest version of node, express, express-session and connect-redis. I'm trying to achieve a bit more control over sessions of other users from the backend. For example, I'd like to change/delete a specific user's session without them making a request (so I don't have access to req.session.destroy() or any of that).
store.all(callback) Provides a way to fetch all users in the store, but with many users this is a sub-optimal solution. Therefore, I am wondering if there's a way to set per user prefixes on the redis keys so they may be retrieved. Default is sess:some_very_long_id, and I want sess:my_username:long_id.
It is worth mentioning that we can fetch a single session from the redis store but it would require saving all the session ids related to each user elsewhere which is also not optimal.
Some sample code for context
const redisclient = require('./redis');
const express = require('express');
const expressSess = require('express-session');
const RedisStore = require('connect-redis')(expressSess);
const store = new RedisStore({ client: redisclient });
const session = expressSess({
store : store,
secret : 'mysecret',
sameSite : true,
proxy : true,
key : 'sid',
resave : false,
saveUninitialized : false,
ttl : 60 * 60 * 24 * 2,
cookie: {
httpOnly : true,
secure : true,
maxAge : 2147483647,
},
});
app.use(express.json());
app.use(session);
... some endpoint where I want to implement deleting or editing sessions as an admin
