Storing session data in RAM is fine for development, but would quickly crash a production server. In this lesson learn how to use a MongoDB-based data store for your session variables, which provides a scalable solution for a production server.
Mongo Shell Cheatsheet
You first need to log into the Mongo shell —
mongo in the terminal for Macs and Linux, or start mongo.exe for Windows.
show dbs— display the databases
use bookworm— specify the database you're going to work with
show collections— shows the document collections for the selected database
db.users.find()— display all the documents in the
db.users.find().pretty()— nicer format for output documents within the shell
- connect-mongo A MongoDB session store for Connect and Express
When a user logs in we store their user ID in a session, and 0:00 retrieve it when we want to see who's logged in. 0:04 Our authentication system relies on sessions. 0:07 However, our basic system stores the session data in the server's memory. 0:10 Server RAM is a limited resource and 0:15 it can quickly fill up if a lot of folks sign up and login. 0:17 Too many logins and the server will slow down and eventually crash. 0:20 For a production server you should use a more scalable solution. 0:26 There are many sessions storage options for 0:29 express including ones that use fast databases like Redis and Mongo. 0:31 Since we're already using Mongo in this course, 0:36 let's use Mongo db to store session data. 0:38 Fortunately for us, someone's already written a middleware module 0:42 called Connect Mongo which makes it very simple to add a Mongo session store. 0:45 Let me show you how it works. 0:50 First, I need to install the connect Mongo module. 0:52 I'll open up the terminal. 0:56 And, make sure I'm in the project's root directory. 0:57 And then, I'll run NPM install connect dash 1:00 Mongo dash dash save to download the module and include it in our project. 1:05 Then, in my text editor, I'll open app dot JS. 1:11 To use the module I'll have to require it. 1:16 I'll add this line after the line that loads our session module. 1:20 You'll notice that I'm not only loading this module, but 1:26 I'm also calling it passing our express session as an argument. 1:29 This lets the connect Mongo middleware access the sessions. 1:33 Now, let's find the middleware where we configure the session. 1:37 I'm going to add a new key called store. 1:44 And, in it I'll store a new instance of Mongo store. 1:49 The session constructor function takes a configuration object, and 1:53 all we need to do is set Mongoose connection to DB. 1:56 If you look at the code to connect to Mongo DB. 2:01 You'll see a line where we set a variable, DB, 2:05 to the Mongoose connection, after we've connected to the local Mongo DB instance. 2:08 Now, I just noticed that our DB connection is defined down here 2:14 after we use it in our session. 2:17 That'll cause an error since DB isn't yet defined. 2:19 So, I'll go up here and cut our session code. 2:23 And then, 2:28 just paste it in here after the Mongo DB connection. 2:31 Believe it or not, that's all there is to it. 2:35 Passing the same Mmongoose connection is all it takes to start using Mongo DB 2:38 as a session store. 2:42 Now, our application stores session data in Mongo instead of in RAM. 2:44 To prove it let's use the application and 2:49 see that a new collection is added to our database. 2:51 But, first let's look at the collections we currently have in our database. 2:54 I'll switch to the terminal and open a new tab. 2:58 I'll open the Mongo shell by typing Mongo. 3:02 Now, if you're on Windows you'll need to run the Mongo executable. 3:05 And, if you get an error you might not have Mongo running, so 3:09 make sure you've got it started. 3:12 In this shell you can see all your Mongo databases by typing show dbs. 3:14 There's the bookworm database. 3:20 But what's in it? 3:22 To see the collections in the database we need to select it. 3:22 Use bookworm. 3:26 Then we show the collections by typing show collections. 3:29 There is the system dot indexes, that's some internal collection used by Mongo. 3:35 And, there is our users collection that holds user data. 3:39 I'll switch to another tab, and start up our application by typing Nodemon. 3:42 Now, if I login to the site, a new collection is created, and 3:49 my session is stored in it. 3:54 Let's go back to the terminal and the Mongo shell. 3:56 I'll type show collections again, 3:59 and you'll see there's a new collection called sessions. 4:00 Let's see what's inside it, 4:05 db dot sessions dot find. 4:09 Voila, there's the session and there's my user id. 4:13 Let's see what happens if I log out. 4:16 I'll log out, return to the terminal and see what's inside the sessions collection. 4:18 Nothing it's empty. 4:24 Remember our log out route deletes the user session. 4:28 So, my session's now gone. 4:31 All right, this authentication system is capable of handling 4:32 thousands of users without bringing down the server. 4:37 In the next video, I'll wrap up the course and talk to you about a few next steps 4:40 you could explore for enhancing authentication on your sites. 4:44
You need to sign up for Treehouse in order to download course files.Sign up