Sessions?
If you have not used sessions before, in brief they are pretty similar to cookies, in that sessions enable you to track the active users of your application in real time. Sessions actually work via a session cookie, which is sent in the request / response headers from your app.
So cookies and sessions are intertwined by nature. Then why do we need sessions if we already have cookies? What sessions give you in addition is the ability to define the back-end storage used by the server part of your application. This means that whenever the information is required by your app, it can be retrieved from the database.
So in a real-life example for our chat application, we can now store the username of the user—and if we reconfigured our app somewhat, also insert the entire chat history into the database for logging.
In this next example we will use a Mongo database for persistent back-end storage. This is one of several options available for session storage, and another I highly recommend for larger-scale production setups with multiple web servers is memcache.
Document Storage
Mongo is a NoSQL document storage engine rather than a relational data store such as the popular MySQL. NoSQL is really easy to get your head around if you are coming from MySQL or similar databases and need to get up to speed with Mongo—it won’t take you long. The biggest differences you should know are the following:
- As the name says, NoSQL doesn’t use SQL to perform queries. Instead the data is abstracted with method calls; for example db.collectionName.find() would be a SELECT * FROM table.
- Terminology is different: in MySQL we have Tables, Rows and Columns, and in Mongo it’s Collections, Documents and Keys.
- Data is structured, the same as a JSON object.
- $ sudo apt-get install mongodb
- $ npm install mongoose --save
- //Configure our Services
- var PeerServer = require('peer').PeerServer,
- express = require('express'),
- mongoose = require('mongoose'),
- assert = require('assert'),
- events = require('./src/events.js'),
- app = express(),
- port = process.env.PORT || 3001;
- //Connect to the database
- mongoose.connect('mongodb://localhost:27017/chat');
- var db = mongoose.connection;
- mongoose.set('debug', true);
- db.on('error', console.error.bind(console, '# Mongo DB: connection error:'));
The /chat defines the name of the database we are connecting to.
Next, for development purposes, I recommend we set the debugging to on.
- mongoose.set('debug', true);
- db.on('error', console.error.bind(console, '# Mongo DB: connection error:'));
- db.once('open', function (callback) {
- console.log("# Mongo DB: Connected to server");
- }
Here is a full code listing with mongoose added and inserting rows and deleting them as users come online and go offline.
- //Configure our Services
- var PeerServer = require('peer').PeerServer,
- express = require('express'),
- mongoose = require('mongoose'),
- assert = require('assert'),
- events = require('./src/events.js'),
- app = express(),
- port = process.env.PORT || 3001;
- //Tell express to use the 'src' directory
- app.use(express.static(__dirname + '/src'));
- //Connect to the database
- mongoose.connect('mongodb://localhost:27017/chat');
- var db = mongoose.connection;
- mongoose.set('debug', true);
- db.on('error', console.error.bind(console, '# Mongo DB: connection error:'));
- db.once('open', function (callback) {
- console.log("# Mongo DB: Connected to server");
- //Setup our User Schema
- var usersSchema = mongoose.Schema({username: String});
- var User = mongoose.model('User', usersSchema);
- //Configure the http server and PeerJS Server
- var expressServer = app.listen(port);
- var io = require('socket.io').listen(expressServer);
- var peer = new PeerServer({ port: 9000, path: '/chat' });
- //Print some console output
- console.log('#### -- Server Running -- ####');
- console.log('# Express: Listening on port', port);
- peer.on('connection', function (id) {
- io.emit(events.CONNECT, id);
- console.log('# Connected: ', id);
- //Store Peer in database
- var user = new User({ username: id });
- user.save(function (err, user) {
- if (err) return console.error(err);
- console.log('# User '+ id + ' saved to database');
- });
- });
- peer.on('disconnect', function (id) {
- io.emit(events.DISCONNECT, id);
- console.log('# Disconnected: ', id);
- //Remove Peer from database
- User.remove({username: id}, function(err){ if(err) return console.error(err)});
- });
- });
Now connect to the chat as normal inside the browser (default at http://localhost:3001).
Once you have connected to your chat, in a new terminal window open mongo chat to enter the mongo cli.
- $ mongo chat
- MongoDB shell version: 2.0.6
- connecting to: chat
- > db.users.find()
- { "username" : "CameronLovesPigs", "_id" : ObjectId("5636e9d7bd4533d610040730"), "__v" : 0 }
- > db.users.count()
- 3
Because we used Express to build our application, this part is really pretty simple and just requires the installation of a couple modules from npm to get us going.
Get the express-session and connect-mongo packages from npm:
- $ npm install express-session connect-mongo cookie-parser --save
- var PeerServer = require('peer').PeerServer,
- cookieParser = require('cookie-parser'),
- express = require('express'),
- session = require('express-session'),
- mongoose = require('mongoose'),
- MongoStore = require('connect-mongo')(session),
- //...
- //Connect to the database
- mongoose.connect('mongodb://localhost:27017/chat');
- var db = mongoose.connection;
- mongoose.set('debug', true);
- db.on('error', console.error.bind(console, '# Mongo DB: connection error:'));
- app.use(cookieParser());
- app.use(session({
- secret: 'supersecretstring12345!',
- saveUninitialized: true,
- resave: true,
- store: new MongoStore({ mongooseConnection: db })
- }))
We specify where with the store property, which we set to the MongoStore instance, specifying which connection to use via mongooseConnection and our db object.
To store to the session, we need to use express for the request handling because we need access to the request value, for example:
- //Start persistent session for user
- app.use(function(req, res, next) {
- req.session.username = id;
- req.session.save();
Next, we can check for this value with our client-side code and automatically log the user in when they refresh so that they never get signed out of the chat and are automatically logged in as their chosen username.
Also interesting to note, because we have database-backed sessions, is that in the event of the developers changing the application and the back-end reloading, the users logged in to their clients will stay logged in as the session store is now persistent. This is a great feature to keep your users happy and logged in all the while you are developing, or if there’s a disconnection from an unstable client.
Persistent Login
Now that we have the session cookie part set up, let’s work on adding persistent login to our front-end code.
So far we have just used the default route provided by Express for an SPA application, and not defined any route handling for Express. As I mentioned before, to get access to the session you will need Express’s request / response variables.
First we need one route so we can access the request object Express provides and display it for debugging purposes. Inside your Express configuration in /app.js, add the following near the top of the file, after the session setup:
- app.use(session({
- secret: 'supersecretstring12345!',
- saveUninitialized: true,
- resave: true,
- store: new MongoStore({ mongooseConnection: db })
- }))
- app.get('/', function (req, res) {
- res.sendFile(__dirname +'/src/index.html');
- if(req.session.username == undefined){
- console.log("# Username not set in session yet");
- } else {
- console.log("# Username from session: "+ req.session.username);
- }
- });
- //Save the username when the user posts the set username form
- app.post('/username', function(req, res){
- console.log("# Username set to "+ req.body.username);
- req.session.username = req.body.username;
- req.session.save();
- console.log("# Session value set "+ req.session.username);
- res.end();
- });
- //Return the session value when the client checks
- app.get('/username', function(req,res){
- console.log("# Client Username check "+ req.session.username);
- res.json({username: req.session.username})
- });
- /* global EventEmitter, events, io, Peer */
- /** @jsx React.DOM */
- $(function () {
- 'use strict';
- // Check for session value
- $(document).ready(function(){
- $.ajax({
- url: '/username'
- }).done(function (data) {
- console.log("data loaded: " + data.username);
- if(data.username)
- initChat($('#container')[0], data.username);
- });
- });
- // Set the session
- $('#connect-btn').click(function(){
- var data = JSON.stringify({username: $('#username-input').val()});
- $.ajax({ url: '/username',
- method: "POST",
- data: data,
- contentType: 'application/json',
- dataType: 'json'
- });
- });
- // Initialize the chat
- $('#connect-btn').click(function () {
- initChat($('#container')[0],
- $('#username-input').val());
- });
- function initChat(container, username) {
- var proxy = new ChatServer();
- React.renderComponent(<ChatBox chatProxy={proxy}
- username={username}></ChatBox>, container);
- }
- window.onbeforeunload = function () {
- return 'Are you sure you want to leave the chat?';
- };
- });
Fire up the chat again with npm start and have a look in your browser to see the sessions working.
Conclusions
Now you have seen how easy it is to use Mongoose in conjunction with Express and set up Express sessions. Taking your application development further with React as the view controller linked to database-backed elements will create some serious applications.
Written by Tom Whitbread
If you found this post interesting, follow and support us.
Suggest for you:
Modern React with Redux
Advanced React and Redux
Build Apps with React Native
React for Visual Learners
The Complete Web Development Tutorial Using React and Redux