I'm building a single-page javascript app that talks to Express on the back end. At various points in the app, we interact with the back end, updating the session. The session expiration is relatively short for security reasons.
In it, I'd like to warn the user that the session might be expiring, if they've been idle for a long time and have not made any transactions with the back end.
I'd like to have an Express "heartbeat" route that returns how long the session has remaining (session.maxAge), but I don't want it to refresh the session expiration.
The connect.session code automatically refreshes the session at the end of a request.
I'm looking for a way to have access to the session to fetch the maxAge, but not have it updated.
Best bet would be modifying your SessionStore manually to not modify the session expiration when coming from a specific route (req.url).
Look for the part of your sessionStore that calls Session.touch().