express-session in an Express app?express-session helps keep track of user data across multiple requests by storing session info on the server. It allows the app to remember who the user is after they log in.
express-session identify a returning user?It uses a cookie with a session ID stored in the user's browser. When the user sends requests, the cookie is sent back, letting the server find the matching session data.
secret option in express-session?The secret is a string used to sign the session ID cookie. This helps prevent tampering and keeps sessions secure.
Storing session data on the server keeps sensitive info safe. Cookies can be seen or changed by users, so only a session ID is stored in the cookie to link to server data.
req.session.destroy() in an Express app?This deletes the user's session data on the server and removes the session cookie, effectively logging the user out.
express-session use to track a user's session?The session ID is stored in a cookie, which the browser sends with each request to identify the user session.
express-session middleware?The secret option signs the session ID cookie to secure it.
express-session by default?By default, session data is stored in server memory, which is not suitable for production but fine for learning.
req.session.save() do?This forces the session to be saved right away instead of waiting for the response to finish.
HTTPS encrypts data sent between browser and server, protecting session cookies from attackers.