sqliteSessionStore needs to be updated to store req.session.lastAccessed = Date.now() whenever a session is in use. Then clearExpiredSessions needs to be modified to clear any session that hasn't been accessed during a configurable interval, e.g. 3 months. The configurable interval should be a new param: expressSessionStore.maxInactivity with a default of 7889238000.
This feature is distinct from expressSession.cookie.maxAge because we want to support the scenario where sessions can in theory be very long, so long as the session remains active, but expire faster if the session isn't being used. This is to prevent zombie sessions from piling up in the database.
sqliteSessionStore needs to be updated to store
req.session.lastAccessed = Date.now()whenever a session is in use. ThenclearExpiredSessionsneeds to be modified to clear any session that hasn't been accessed during a configurable interval, e.g. 3 months. The configurable interval should be a new param:expressSessionStore.maxInactivitywith a default of7889238000.This feature is distinct from
expressSession.cookie.maxAgebecause we want to support the scenario where sessions can in theory be very long, so long as the session remains active, but expire faster if the session isn't being used. This is to prevent zombie sessions from piling up in the database.