Being somewhat new to node/express, I've been working on a project for myself to be sure I have the fundamentals down. At the moment, I'm really focusing on sessions.
I have a back-end session store set up via redis and use connect-redis to simplify things within the app. I've been playing around with the cookie maxAge and connect-redis TTL and have a single (hopefully simple) question.
Is it best practice to set both connect-redis TTL option and the cookie maxAge or is maxAge sufficient?
Obligatory code:
app.use(express.session({
secret:'stackoverflowrulz',
store: new RedisStore({ host: 'example.com', port: 6379, client: redis, ttl: 3600000 }),
cookie: { maxAge: 3600000 }
}));
It seems like the maxAge cookie setting "flows through" based upon what I see around line 118 in the connect-redis source but I'm not an expert coder and I can't find written documentation to confirm what I think I'm reading.