Sessions
Sessions
Colonel includes a request-scoped session API in framework.
How It Works
- Kernel optionally initializes a session for each request.
- Session ID is stored in an HTTP-only cookie.
- Payload is persisted via SessionStore.
- Default store is InMemorySessionStore.
Enabling Sessions
In server bootstrap:
new Kernel(router, middleware, {
viewsRoot,
session: {
enabled: true,
cookieName: 'colonel.sid',
ttlSeconds: 60 * 60 * 24 * 7,
},
controllerResolver,
}, container)
Using Sessions in Controllers
const visits = (this.sessionGet<number>(req, 'visits') ?? 0) + 1;
this.sessionPut(req, 'visits', visits);
Invalidating Sessions
Use request.session.invalidate() if you need logout-style behavior.
Production Notes
InMemorySessionStore is fine for local dev and small single-instance deployments. For multi-instance production, provide a custom SessionStore backed by shared storage.