{"id":34257641,"url":"https://github.com/chill117/express-mysql-session","last_synced_at":"2025-12-16T14:43:27.595Z","repository":{"id":11898244,"uuid":"14461566","full_name":"chill117/express-mysql-session","owner":"chill117","description":"A MySQL session store for the express framework in node","archived":false,"fork":false,"pushed_at":"2024-07-10T10:01:31.000Z","size":483,"stargazers_count":312,"open_issues_count":17,"forks_count":109,"subscribers_count":13,"default_branch":"master","last_synced_at":"2025-10-21T01:28:58.202Z","etag":null,"topics":["express","express-middleware","nodejs","sessions","sessionstore"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chill117.png","metadata":{"files":{"readme":"readme.md","changelog":"changelog.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"custom":"https://degreesofzero.com/donate.html?project=express-mysql-session"}},"created_at":"2013-11-17T05:09:42.000Z","updated_at":"2025-06-03T22:24:29.000Z","dependencies_parsed_at":"2023-01-13T16:42:52.032Z","dependency_job_id":"e1ac17eb-4680-4a7a-bad0-71eaf2812e23","html_url":"https://github.com/chill117/express-mysql-session","commit_stats":{"total_commits":257,"total_committers":15,"mean_commits":"17.133333333333333","dds":"0.23735408560311289","last_synced_commit":"78f5d2f2d45efe140e5d6c88516414c77681bab4"},"previous_names":[],"tags_count":45,"template":false,"template_full_name":null,"purl":"pkg:github/chill117/express-mysql-session","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chill117%2Fexpress-mysql-session","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chill117%2Fexpress-mysql-session/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chill117%2Fexpress-mysql-session/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chill117%2Fexpress-mysql-session/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chill117","download_url":"https://codeload.github.com/chill117/express-mysql-session/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chill117%2Fexpress-mysql-session/sbom","scorecard":{"id":277635,"data":{"date":"2025-08-11","repo":{"name":"github.com/chill117/express-mysql-session","commit":"3ece4f74c0e5882f7071c7d0a039106f535747e1"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.7,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/tests.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/chill117/express-mysql-session/tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/chill117/express-mysql-session/tests.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"10 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T14:56:19.124Z","repository_id":11898244,"created_at":"2025-08-17T14:56:19.124Z","updated_at":"2025-08-17T14:56:19.124Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27766371,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-16T02:00:10.477Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["express","express-middleware","nodejs","sessions","sessionstore"],"created_at":"2025-12-16T14:43:23.223Z","updated_at":"2025-12-16T14:43:27.579Z","avatar_url":"https://github.com/chill117.png","language":"JavaScript","funding_links":["https://degreesofzero.com/donate.html?project=express-mysql-session"],"categories":[],"sub_categories":[],"readme":"# express-mysql-session\n\nA MySQL session store for [express.js](http://expressjs.com/). Compatible with [express-session](https://github.com/expressjs/session).\n\n![Build Status](https://github.com/chill117/express-mysql-session/actions/workflows/tests.yml/badge.svg)\n\n* [Installation](#installation)\n* [Important Notes](#important-notes)\n\t* [Session Table Collation](#session-table-collation)\n\t* [MariaDB Compatibility](#mariadb-compatibility)\n* [Usage](#usage)\n\t* [Use an existing MySQL connection or pool](#use-an-existing-mysql-connection-or-pool)\n\t* [Closing the session store](#closing-the-session-store)\n\t* [Options](#options)\n\t\t* [Custom database table schema](#custom-database-table-schema)\n\t* [Debugging](#debugging)\n* [Contributing](#contributing)\n\t* [Configure Local Environment](#configure-local-environment)\n\t* [Tests](#tests)\n* [Changelog](#changelog)\n* [License](#license)\n\n\n## Installation\n\nAdd to your application via `npm`:\n```bash\nnpm install express-mysql-session --save\n```\nThis will install `express-mysql-session` and add it to your application's `package.json` file.\n\n\n## Important Notes\n\nPotential gotchas and other important information goes here.\n\n### Session Table Collation\n\nThis module creates a database table to save session data. This data is stored in a MySQL text field with the [utf8mb4](https://dev.mysql.com/doc/refman/5.5/en/charset-unicode-utf8mb4.html) collation - added in [MySQL 5.5.3](https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-3.html). The reason for this is to fully support the utf8 character set. If you absolutely must use an older version of MySQL, create your sessions table before initializing the `MySQLStore`.\n\n\n### MariaDB Compatibility\n\nThis module will work with MariaDB, but you must follow the usage examples in this readme found [here](#usage) and [here](#use-an-existing-mysql-connection-or-pool). The [mariadb module](https://github.com/mariadb-corporation/mariadb-connector-nodejs) is __not__ supported - please use the [mysql2 module](https://github.com/sidorares/node-mysql2) instead to create a connection or pool to your MariaDB instance.\n\n\n## Usage\n\nUse with your express session middleware, like this:\n```js\nconst express = require('express');\nconst app = module.exports = express();\nconst session = require('express-session');\nconst MySQLStore = require('express-mysql-session')(session);\n\nconst options = {\n\thost: 'localhost',\n\tport: 3306,\n\tuser: 'session_test',\n\tpassword: 'password',\n\tdatabase: 'session_test'\n};\n\nconst sessionStore = new MySQLStore(options);\n\napp.use(session({\n\tkey: 'session_cookie_name',\n\tsecret: 'session_cookie_secret',\n\tstore: sessionStore,\n\tresave: false,\n\tsaveUninitialized: false\n}));\n\n// Optionally use onReady() to get a promise that resolves when store is ready.\nsessionStore.onReady().then(() =\u003e {\n\t// MySQL session store ready for use.\n\tconsole.log('MySQLStore ready');\n}).catch(error =\u003e {\n\t// Something went wrong.\n\tconsole.error(error);\n});\n```\nThe session store will internally create a mysql2 [connection pool](https://github.com/sidorares/node-mysql2#using-connection-pools).\n\nThe sessions database table should be automatically created, when using default options. If for whatever reason the table is not created, you can find the schema [here](https://github.com/chill117/express-mysql-session/blob/master/schema.sql).\n\n### Use an existing MySQL connection or pool\n\nTo pass in an existing MySQL database connection or pool, you would do something like this:\n```js\nconst mysql = require('mysql2/promise');\nconst session = require('express-session');\nconst MySQLStore = require('express-mysql-session')(session);\n\nconst options = {\n    host: 'localhost',\n    port: 3306,\n    user: 'db_user',\n    password: 'password',\n    database: 'db_name'\n};\n\nconst connection = mysql.createConnection(options); // or mysql.createPool(options);\nconst sessionStore = new MySQLStore({}/* session store options */, connection);\n```\n\n### Closing the session store\n\nTo cleanly close the session store:\n```js\nsessionStore.close().then(() =\u003e {\n\t// Successfuly closed the MySQL session store.\n\tconsole.log('MySQLStore closed');\n}).catch(error =\u003e {\n\t// Something went wrong.\n\tconsole.error(error);\n});\n```\n\n\n### Options\n\nHere is a list of all available options:\n```js\nconst options = {\n\t// Host name for database connection:\n\thost: 'localhost',\n\t// Port number for database connection:\n\tport: 3306,\n\t// Database user:\n\tuser: 'session_test',\n\t// Password for the above database user:\n\tpassword: 'password',\n\t// Database name:\n\tdatabase: 'session_test',\n\t// Whether or not to automatically check for and clear expired sessions:\n\tclearExpired: true,\n\t// How frequently expired sessions will be cleared; milliseconds:\n\tcheckExpirationInterval: 900000,\n\t// The maximum age of a valid session; milliseconds:\n\texpiration: 86400000,\n\t// Whether or not to create the sessions database table, if one does not already exist:\n\tcreateDatabaseTable: true,\n\t// Whether or not to end the database connection when the store is closed.\n\t// The default value of this option depends on whether or not a connection was passed to the constructor.\n\t// If a connection object is passed to the constructor, the default value for this option is false.\n\tendConnectionOnClose: true,\n\t// Whether or not to disable touch:\n\tdisableTouch: false,\n\tcharset: 'utf8mb4_bin',\n\tschema: {\n\t\ttableName: 'sessions',\n\t\tcolumnNames: {\n\t\t\tsession_id: 'session_id',\n\t\t\texpires: 'expires',\n\t\t\tdata: 'data'\n\t\t}\n\t}\n};\n```\nAdditionally, the following options will be passed thru to the [mysql2 module's](https://github.com/sidorares/node-mysql2) createPool method:\n* `waitForConnections`, `connectionLimit`, `maxIdle`, `idleTimeout`, `queueLimit`\n\n\n#### Custom database table schema\n\nIt is possible to use a custom schema for your sessions database table. This can be useful if you want to have extra columns (e.g. \"user_id\"), indexes, foreign keys, etc. You could also change the type of the \"data\" column to a smaller or larger text type (e.g. \"TINYTEXT\", \"LONGTEXT\", \"BLOB\") or native \"JSON\" type.\n\nSet the `createDatabaseTable` option to `FALSE` so that the session store does not automatically create a sessions table.\n\nUse the `schema` option to provide the custom table and column names to the session store.\n```js\nconst session = require('express-session');\nconst MySQLStore = require('express-mysql-session')(session);\n\nconst options = {\n\thost: 'localhost',\n\tport: 3306,\n\tuser: 'session_test',\n\tpassword: 'password',\n\tdatabase: 'session_test',\n\tcreateDatabaseTable: false,\n\tschema: {\n\t\ttableName: 'custom_sessions_table_name',\n\t\tcolumnNames: {\n\t\t\tsession_id: 'custom_session_id_column_name',\n\t\t\texpires: 'custom_expires_column_name',\n\t\t\tdata: 'custom_data_column_name'\n\t\t}\n\t}\n};\n\nconst sessionStore = new MySQLStore(options);\n```\n\n\n### Debugging\n\n`express-mysql-session` uses the [debug module](https://github.com/debug-js/debug) to output debug messages to the console. To output all debug messages, run your node app with the `DEBUG` environment variable:\n```\nDEBUG=express-mysql-session* node your-app.js\n```\nThis will output log messages as well as error messages from `express-mysql-session`.\n\n\n## Contributing\n\nThere are a number of ways you can contribute:\n\n* **Improve or correct the documentation** - All the documentation is in this readme file. If you see a mistake, or think something should be clarified or expanded upon, please [submit a pull request](https://github.com/chill117/express-mysql-session/pulls/new)\n* **Report a bug** - Please review [existing issues](https://github.com/chill117/express-mysql-session/issues) before submitting a new one; to avoid duplicates. If you can't find an issue that relates to the bug you've found, please [create a new one](https://github.com/chill117/express-mysql-session/issues).\n* **Request a feature** - Again, please review the [existing issues](https://github.com/chill117/express-mysql-session/issues) before posting a feature request. If you can't find an existing one that covers your feature idea, please [create a new one](https://github.com/chill117/express-mysql-session/issues).\n* **Fix a bug** - Have a look at the [existing issues](https://github.com/chill117/express-mysql-session/issues) for the project. If there's a bug in there that you'd like to tackle, please feel free to do so. I would ask that when fixing a bug, that you first create a failing test that proves the bug. Then to fix the bug, make the test pass. This should hopefully ensure that the bug never creeps into the project again. After you've done all that, you can [submit a pull request](https://github.com/chill117/express-mysql-session/pulls/new) with your changes.\n\nBefore you contribute code, please read through at least some of the source code for the project. I would appreciate it if any pull requests for source code changes follow the coding style of the rest of the project.\n\nNow if you're still interested, you'll need to get your local environment configured.\n\n\n### Configure Local Environment\n\n#### Step 1: Get the Code\n\nFirst, you'll need to pull down the code from GitHub:\n```\ngit clone https://github.com/chill117/express-mysql-session.git\n```\n\n#### Step 2: Install Dependencies\n\nSecond, you'll need to install the project dependencies as well as the dev dependencies. To do this, simply run the following from the directory you created in step 1:\n```bash\nnpm ci\n```\n\n#### Step 3: Set Up the Test Database\n\nNow, you'll need to set up a local test database:\n```js\n{\n\thost: 'localhost',\n\tport: 3306,\n\tuser: 'session_test',\n\tpassword: 'password',\n\tdatabase: 'session_test'\n};\n```\n*The test database settings are located in [test/config.js](https://github.com/chill117/express-mysql-session/blob/master/test/config.js)*\n\nAlternatively, you can provide custom database configurations via environment variables:\n```\nDB_HOST=\"localhost\"\nDB_PORT=\"3306\"\nDB_USER=\"session_test\"\nDB_PASS=\"password\"\nDB_NAME=\"session_test\"\n```\n\nAlternatively, use docker to run a temporary instance of MySQL database:\n```bash\nsudo docker run -it --rm \\\n\t-e MYSQL_RANDOM_ROOT_PASSWORD=yes \\\n\t-e MYSQL_DATABASE=session_test \\\n\t-e MYSQL_USER=session_test \\\n\t-e MYSQL_PASSWORD=password \\\n\t-p 3306:3306 mysql:5.7\n```\n\n\n### Tests\n\nThis project includes an automated regression test suite. To run the tests:\n```bash\nnpm test\n```\n\n\n## Changelog\n\nSee [changelog.md](https://github.com/chill117/express-mysql-session/blob/master/changelog.md)\n\n\n## License\n\nThis software is [MIT licensed](https://tldrlegal.com/license/mit-license):\n\u003e A short, permissive software license. Basically, you can do whatever you want as long as you include the original copyright and license notice in any copy of the software/source.  There are many variations of this license in use.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchill117%2Fexpress-mysql-session","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchill117%2Fexpress-mysql-session","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchill117%2Fexpress-mysql-session/lists"}