Request Processing
Session Management
Server-side session storage with support for memory and Redis stores for scalable session management.
Basic Session Setup
MoroJS provides built-in session management middleware with support for memory-based and Redis-based session storage.
Memory-Based Sessions
typescript
Session Features
- Secure session cookie with httpOnly flag
- Automatic session expiration
- Session data stored server-side
- Support for memory and Redis stores
- Automatic session cleanup
Redis Session Storage
Redis-Based Sessions
typescript
Best Practices
Do
- Use Redis for production deployments
- Set secure cookie flags in production
- Use strong session secrets
- Set appropriate maxAge values
- Destroy sessions on logout
- Store minimal data in sessions
Don't
- Store sensitive data in sessions
- Use memory store in production
- Use weak session secrets
- Set very long session expiration
- Store large objects in sessions
- Skip session cleanup