7

First Problem
I'm trying to figure out sessions, stores, authorization, and redis. If it's important, I am using [email protected]. I understand that I have two options to put my RedisStore(). Which one do I use? Do I use both?

express.session({secret: 'secret', key: 'key', store: new RedisStore()});
io.set('store', new RedisStore());

I already have node.js, express, and socket.io running. So now I'm trying to implement redis but I don't know how to implement authorization using sessions/stores and I don't know how to write to the redis database. I haven't found any documentation on this. I found a site that talks about sessions and stores using socket.io and express but no redis, and another one that talks about sessions and stores using all three, but it doesn't use io.set('store', ...).

I also don't know if I should use two different stores, one for express and one for socket.io, or if I should just use one. Look at the example for clarification:

//Redis Variables
var redis = require('socket.io/node_modules/redis');
var RedisStore = require('socket.io/lib/stores/redis');
var pub = redis.createClient();
var sub = redis.createClient();
var client = redis.createClient();
var redis_store = new RedisStore({
                        redisPub: pub,
                        redisSub: sub,
                        redisClient: client
                      });

app.configure(function(){
  //...code goes here...
  app.use(express.session({
                    secret: 'secret',
                    key: 'key',
                    store: redis_store  //Notice I'm using redis_store
                  }));
  //...more code...
});

io.configure(function(){
  io.set('store', redis_store);  //Notice it's the same RedisStore() being used
});

Do I use the same RedisStore() for each? Do I create seperate ones for each? Do I just use express or socket.io? What I really want is to be able to authenticate clients (I assume that's done through sessions) and have them update the redis database when they connect - keeping a log of when people accessed my site. Which leads to my second problem.

Second Problem
So I have no idea how to access and edit the redis database from this point. I haven't been able to test this because of my first problem but I assume it would be something like this:

io.sockets.on('connection', function(socket){
  var session = socket.handshake.session;
  redis.put(session);
});

I also haven't seen any documentation on how to update a redis database from within node.js so I highly doubt that redis.put() is the correct terminology haha. I have visited redis's website but I can't find commands for node.js. Just commands for using regular redis from the command line. Anyways, if someone could at least point me in the right direction that would be great. Thanks. :)

Improve this question
1
  • A note: if you end up using a password on your redis store, you'll need to pass the redis module itself under the 'redis' key as part of your RedisStore constructor. For more info, see: stackoverflow.com/questions/13438613/… Commented Nov 20, 2012 at 6:30

1 Answer 1

Reset to default
3

Express and Socket.IO have their own integration with Redis for session management, as you've seen. It is designed as a blackbox integration, the idea being that the session store implementation is independent from the rest of your code. Since it's independent, that means you can't go in and use express or socket.io to access Redis directly. You'll need to add a regular redis client like node_redis. The benefit is you don't have to worry about making all those redis calls yourself, instead you'll be interacting with express or socket.io's session store interfaces.

So in your #1 case, you could pass in a single new instance of RedisStore, not two new ones as you've done. Or you could follow your second link and have socket.io listen through express. In that case it would integrate with express session management. That's why you don't see the extra io.set('store') call in that example.

It'll probably seem redundant to you, but try to think of RedisStore as a special client designed only for session management. Even thought RedisStore probably relies on something like node_redis, you shouldn't try to access it. You have to include another library for accessing your redis database directly, assuming you wanted to store other non-session items in redis in the first place.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Yes I am planning on writing other things to the database. Ok so looking at node_redis I can see that I am already accessing that with my redis variable, but just to be clear you say I should npm install redis to be on the same level as socket.io and then use that instance for my own access to the database? Also, since I'm planning on doing that and all I really want from express or socket.io's stores is to be able to access session data, should I even use a RedisStore() for that? Or should I do like the first link shows and use MemoryStore?
Yes, what you'd probably want to do is stop using the redis client inside the socket.io package and include your own at your project root. MemoryStore isn't bad, but if you want to have multiple web servers, or maintain the session over node restarts then I'd stick with RedisStore. If you want to keep redis sessions, I'd look into connect-redis instead of pulling the redis store out of the socket.io project as well.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.