kwaeri-node-kit-database-session-store
A Massively Modified Open Source Project by kirvedx
The @kwaeri/filesystem-session-store component for the @kwaeri/node-kit application platform
TOC
The Implementation
kwaeri/database-session-store implements the SessionStore
interface and provides the DatabaseSessionStore
class which, in turn, provides a database-based session store.
Getting Started
NOTE
This module is not ready for production, but published for testing and development purposes. It is in a beta state that is intended for allowing a larger audience of users to try out anything that may already be available, but please be aware that there is likely many aspects of the platform which are not working and/or completely broken; This is intended to allow users to find and report such issues so that they may be fixed. Updated documentation and complete examples and tutorials for getting started will be provided as the platform rewrite nears completion.
Installation
kwaeri/node-kit wraps the various components under the kwaeri scope and provides a single point of entry for both the kwaeri/node-kit application framework and kwaeri/cli component of the kwaeri platform.
kwaeri/cli wraps the various user-executable framework components under the kwaeri scope, and provides a single point of entry to the CLI tooling of the kwaeri platform.
If you wish to use kwaeri/database-session-store - perform the following steps:
Install kwaeri/database-session-store:
npm install @kwaeri/database-session-store
Currently, only @kwaeri/mysql-database-driver
is supported as a database driver. As such, you'll need to make sure to install the module; While it is listed as a dev dependency, you may run into issues if you only install production dependencies and fail to manually install @kwaeri/mysql-database-driver
. This design is intentional, as we will eventually additionally support postgresql via @kwaeri/postgresql-database-driver
. At that point you will have the option to install whichever provider you like, with both connectors installing as part of the development dependencies.
Usage
Using the database session store in-place of the in-memory session store is quite simple. First, you'll need to ensure that the session configuration is set for your application:
conf/sessions.${environment}.json
:
NOTE: environment
in this case is either default
, production
, or test
. This is set by environment variables, or via the command line when you launch your application (i.e. NODE_ENV=test npm start
)
{
"provider": "nodekit",
"type": "database",
"async": true,
"paths": {
"driver": "@kwaeri/mysql-database-driver"
},
"table": "nodekit_sessions"
}
Most of that is simple identification:
-
provider is required to be
nodekit
for a nodekit session provider. - type can be anything - for debug purposes you may want it to truly reflect the type.
-
async must be
true
for asynchronous session providers - which is the case for DatabaseSessionStore. -
paths is for providers that require a filesystem or which need an import path specified. It is required for this store - specifically you need to specify the driver import to use for your database of choice (at this time, only
@kwaeri/mysql-database-driver
is supported - though postgresql support may soon be added). - table specifies the table to use for sessions, and is required for this store. The database session store provider shares a database provider with the application, and as such shares its configuration, thus only the table needs to be specified.
Next, you'll need to modify the app.js
file in the root of your kwaeri application project such that the module is imported properly:
app.js
import { Configuration } from '@kwaeri/configuration';
// This line is added by you:
import { DatabaseSessionStore as store } from '@kwaeri/database-session-store';
// This is already in there
const configuration = new Configuration( 'conf', `kwaeri.${env}.json` ),
sessionConfiguration = new Configuration( 'conf', `sessions.${env}.json` ),
databaseConfiguration = new Configuration( 'conf', `database.${env}.json` );
async function main() {
// ...
const conf = await configuration.get();
// ...
const nk = new nodekit( { ...conf, session, store, database } );
nk.listen();
}
// Start the application:
main();
As you can see, you're only required to replace whichever provider is used for as store
. If none were set, then the application is using the BaseSessionStore
, an in-memory session store that should only be used for immediate testing purposes. Most templates will be using the default recommended providers memcached
or the more recently added redis
. Simply replace the existing import with the provider of your choice - and the resulting store
is leveraged appropriately.
You'll need to make sure you have the proper database installed, configured, and the database configuration set properly. The database-session-store provider will then install the proper table and manage it automatically as needed.
More documentation to come!
How to Contribute Code
Our Open Source projects are always open to contribution. If you'd like to cocntribute, all we ask is that you follow the guidelines for contributions, which can be found at the Massively Modified Wiki
There you'll find topics such as the guidelines for contributions; step-by-step walk-throughs for getting set up, Coding Standards, CSS Naming Conventions, and more.
The project also leverages Keybase for communication and alerts - outside of standard email. To join our keybase chat, run the following from terminal (assuming you have keybase installed and running):
keybase team request-access kwaeri
Alternatively, you could search for the team in the GUI application and request access from there.
Other Ways to Contribute
There are other ways to contribute to the project other than with code. Consider testing the software, or in case you've found an Bug - please report it. You can also support the project monetarly through donations via PayPal.
Regardless of how you'd like to contribute, you can also find in-depth information for how to do so at the Massively Modified Wiki
Bug Reports
To submit bug reports, request enhancements, and/or new features - please make use of the issues system baked-in to our source control project space at Gitlab
You may optionally start an issue, track, and manage it via email by sending an email to our project's support desk.
For more in-depth documentation on the process of submitting bug reports, please visit the Massively Modified Wiki on Bug Reports
Vulnerability Reports
Our Vulnerability Reporting process is very similar to Gitlab's. In fact, you could say its a fork.
To submit vulnerability reports, please email our Security Group. We will try to acknowledge receipt of said vulnerability by the next business day, and to also provide regular updates about our progress. If you are curious about the status of your report feel free to email us again. If you wish to encrypt your disclosure email, like with gitlab - please email us to ask for our GPG Key.
Please refrain from requesting compensation for reporting vulnerabilities. We will publicly acknowledge your responsible disclosure, if you request us to do so. We will also try to make the confidential issue public after the vulnerability is announced.
You are not allowed, and will not be able, to search for vulnerabilities on Gitlab.com. As our software is open source, you may download a copy of the source and test against that.
Confidential Issues
When a vulnerability is discovered, we create a [confidential issue] to track it internally. Security patches will be pushed to private branches and eventually merged into a security
branch. Security issues that are not vulnerabilites can be seen on our public issue tracker.
For more in-depth information regarding vulnerability reports, confidentiality, and our practices; Please visit the Massively Modified Wiki on Vulnerability
Donations
If you cannot contribute time or energy to neither the code base, documentation, nor community support; please consider making a monetary contribution which is extremely useful for maintaining the Massively Modified network and all the goodies offered free to the public.