Log in from a computer to take this course

You'll need to log in from a computer to start User Authentication & Authorization in Express. But you can practice or keep up your coding streak with the Codecademy Go app. Download the app to get started.

apple storegoogle store

Now that we have express-session installed, we can configure the middleware and implement it in app.js. Let’s explore a few of the options we can configure:

  • secret: The secret property is a key used for signing and/or encrypting cookies in order to protect our session ID.

The next two properties determine how often the session object will be saved.

  • resave: Setting this option to true will force a session to be saved back to the session data store, even when no data was modified. Typically, this option should be false, but also depends on your session storage strategy.

  • saveUninitialized: This property is a boolean value. If it’s set to true, the server will store every new session, even if there are no changes to the session object. This might be useful if we want to keep track of recurring visits from the same browser, but overall, setting this property to false allows us to save memory space.

Once all options are configured we configure the properties for express-session like so:

app.use( session({ secret: "D53gxl41G", resave: false, saveUninitialized: false, }) );

Note that we are using a hardcoded string of characters for the secret property. Usually, this random string should be stored securely in an environment variable, not in the code.

The resave and saveUninitialized properties are set to false in order to avoid saving or storing unmodified sessions. With those options put in place, we have the most basic setup of our middleware!

In the next exercise, we will specify where the session data should be stored.



Add a session middleware in app.js.

Set the secret to a random string. We don’t want to save the session unless it’s modified, so set the other properties to the appropriate values.

Type node app.js into the Terminal to start the node app.

Press Check Work button to check your work.

Take this course for free

Mini Info Outline Icon
By signing up for Codecademy, you agree to Codecademy's Terms of Service & Privacy Policy.

Or sign up using:

Already have an account?