Clarity on "Expires" column in the MySql database

[Tim-Parks-Lynch]

Hi Chill117,

First of all, thank you for creating this package. MySql was my first dive into programming, so it has always remained popular to me when I use DB's for coding. Hopefully this will be a quick question, and if it turns out it is something I need to ask express-sessions please let me know.

My question being: "How is the value for the 'expires' column inside of the sessions table generated?". Pic below

Everything is working as I thought it would as far as setting the session to expire and having the session removed. So no errors or issues there, but the 'expires' column seems to just be set to around 1708116620ms or something similar to 1708XXXXXXms. This isn't impacting my application as the cookie and session are still being deleted, but I'm just trying to understand where that value is coming from.

Below is my code, unrelated code was truncated for brevity.

session.js file

require("dotenv").config();
const mysql = require("mysql2/promise");
const { pool } = require("./db_connnection.js");
const session = require("express-session");
const MySQLStore = require("express-mysql-session")(session);

const sessionStore = new MySQLStore(
  {
    clearExpired: true,
    checkExpirationInterval: 60000, //900000, //every 15 mins
    expiration: 43200000, //86400000, // 1 day
  },
  pool
);

module.exports = sessionStore;

server.js file

const session = require("express-session");
const sessionStore = require("./session.js");

const MAXAGE = 1000 * 60 * 60 * 1;
// 60
// * 1; //1 hr

app.use(
  session({
    key: "session_cookie_name",
    secret: "session_cookie_secret",
    store: sessionStore,
    resave: false,
    saveUninitialized: false, // turn false for cookie consent
    rolling: true,
    cookie: {
      maxAge: MAXAGE,
      secure: true,
      sameSite: true,
    },
  })
);

db_connection.js for pool

require("dotenv").config();
const mysql = require("mysql2/promise");

const pool = mysql.createPool({
  host: process.env.HOST,
  user: process.env.USER,
  password: process.env.PASSWORD,
  database: process.env.DATABASE,
  waitForConnections: true,
  connectionLimit: 10,
  queueLimit: 0,
});

module.exports = {pool,}

Once again, thank you very much and appreciate the work that went into this!

-Tim

[chill117]

Hi Tim,

The expires value in the sessions table comes from the cookie.expires value (if it is used) or the current timestamp plus the expiration option time. See the following code as a reference:

                        let expires;
                        if (data.cookie) {
                                if (data.cookie.expires) {
                                        expires = data.cookie.expires;
                                } else if (data.cookie._expires) {
                                        expires = data.cookie._expires;
                                }
                        }
                        if (!expires) {
                                expires = Date.now() + this.options.expiration;
                        }
                        if (!(expires instanceof Date)) {
                                expires = new Date(expires);
                        }
                        // Use whole seconds here; not milliseconds.
                        expires = Math.round(expires.getTime() / 1000);

index.js#L201-L216
index.js#L244-L259