Manage user state across requests with a powerful, driver-based session system. CanxJS v1.6.3 introduces robust Database and Redis drivers for production-ready session handling.
Support for Database, Redis, File, and Memory stores
HttpOnly cookies, CSRF protection, and encryption
Store temporary data for the very next request
Type-safe session interface for better DX
Configure your session driver in config/session.ts. By default,database driver is recommended for production.
1// config/session.ts2export const sessionConfig = {3// Supported drivers: "memory", "database", "file", "redis"4driver: process.env.SESSION_DRIVER || "database",5// Session lifetime in seconds (default: 2 hours)7lifetime: 120 * 60,8// Cookie name10cookie: "canx_session",11// Database table name (for database driver)13table: "sessions",14};
To use the database driver, you must create a migration for the sessions table.
1import { Migration, Schema } from "canxjs";23export class CreateSessionsTable extends Migration {4async up() {5await Schema.create("sessions", (table) => {6table.string("id").primary();7table.foreignId("user_id").nullable().index();8table.string("ip_address", 45).nullable();9table.text("user_agent").nullable();10table.text("payload");11table.integer("last_activity").index();12});13}1415async down() {16await Schema.drop("sessions");17}18}
Access the session instance via the request object req.session.
1// In a controller or route handler2export const login = async (req, res) => {3// Store data in session4req.session.put("user_id", user.id);5req.session.put("role", "admin");6// Flash messages (available only on next request)8req.session.flash("success", "Welcome back!");9return res.redirect("/dashboard");11};1213export const dashboard = async (req, res) => {14// Retrieve data15const userId = req.session.get("user_id");16const message = req.session.get("success"); // Flash message17// Remove data19req.session.forget("key");20// Clear entire session22req.session.flush();23};