What is the expiration time for the session data?

[haohello]

[majidkuhail]

Hey @haohello ,

The session expiry time depends on two factors:

1- The Session ID cookie setting:

Which can be passed as the cookie option when defining the session, These settings are the standard cookie browser configurations with maxAge and expires defining the lifetime of the cookie, For example:

export const session = nextAppSession({
   name: 'SID',
   secret: 'secret goes here' ,
   cookie: {
      // Bowser Cookie options can be passed here
      maxAge: 100000, // milliseconds to expire cookie after last session update, you can set to zero to disable expiry
      // Or you can use expires
      // expires: new Date('2023/10/03')) // a set date/time
   }
}); 

2- The session store:

Another important factor to the lifetime of the session is the session storage service you're using.

• If you're using the default store which is the MemoryStore, then its lifetime will end when the Node process ends or restarts (ie: when you restart the Nextjs app or it restarts itself due to config changes), Thats why in the docs its mentioned that MemoryStore should not be used in production as its just storing the data in a singleton.
• If you're using a Redis store or a similar service, or maybe implementing your own custom store then its entirely controlled by the store you're using and whether it's setup with an expiry time or if it preserves the state in memory or disk. By default Redis preserves data without an expiry date.

TLDR:
If you wish to preserve the session without an expiry time, then set cookie option maxAge:0 and don't use the default MemoryStore and instead implement Redis or some similar service.
If you wish for the session to expiry then simply update the cookie options to reflect the expiry time.

Thanks for the inquiry, and I'll make sure to update the docs to have session expiry examples and FAQs.

[haohello]

Please take a look at setting the ttl value in the connect-redis, https://github.com/tj/connect-redis
I'm wondering how I can set the expiration time if i'm using your library and the connect-redis.

The following is the excerpt from the connect-redis readme:
ttl

If the session cookie has a expires date, connect-redis will use it as the TTL.

Otherwise, it will expire the session using the ttl option (default: 86400 seconds or one day).