Justin
Justin
Appears as though the only issues now (3) are with the Prop Types
**tl;dr** currently the `destroy` method in `lib/context.js` only sets the cookie data to be blank, instead of expiring it. This is because `koa` uses the `cookies` module, but doesn't take...
Pull request created for this feature request: #182
The app reference is required, for use in `context.js::emit()` The `emit` class method is called from `valid()`, which validates a session as expired or valid. https://github.com/koajs/session/blob/c23bab4023b95c65be46b4eeaf089608ddaa738e/lib/context.js#L184-L194 As for the storage...
It's also something that I've noticed, that there's no way to 'bind' the middleware to the app contextually, it's enforced. I also get your use case, and it makes sense,...
**tl;dr** the content of the cookie is not encoded, only the `.sig` when `signed` is used. Also, by default it uses the `sha1` algorithm to generate the `.sig` cookie, which...
>I'm not particularly concerned about how trivial it is to parse the session cookie Given the encrypted hash, and the raw data (which is just obfuscated in base64), it's trivial...
There's logic in `context.js` to handle setting the default maxAge for a cookie, if it isn't explicitly set to `session`: https://github.com/koajs/session/blob/10bb12246699101a0c87a2f3e2e09b1a79e10e33/lib/context.js#L290-L307 `ONE_DAY` is defined in `context.js`: ```javascript const ONE_DAY =...
What's your option config?
@ejose19 @dead-horse I've created a pull request with code to expire the .sig and session cookies #180