By default, your express application will store session data in memory. That means if your server restarts all users will need to log back in. Additionally, this does not scale to more than one instance, leaks memory and does other mean things. While this works while developing your local computer (notice how you always need to log in after making a code change), you will want something better for production.
Heroku even warns you if you do this. Try running $ heroku logs --tail
to see this.
Welcome Redis
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker.
Step 1: Create the heroku add on
$ heroku addons:create heroku-redis:hobby-dev
This will create a REDIS_URL
in the heroku config that you will use to connect. Use $ heroku config:get REDIS_URL
to see this value.
Step 2: Download the connect-redis
package for your project
$ npm install -s connect-redis
Step 3: Pass in express-session
into connect-redis
Step 4: Create an instance of RedisStore
as the store property of your session configuration
Note: your local computer probably does not have REDIS_URL
set.
Step 5: Push to heroku and try your new session store
$ git push heroku master
How do you run your project locally now?
Option 1: default to memory session store locally
Check your NODE_ENV
setting and if its not production we will default the store property to null.
Option 2: default to using a redis
instance locally
Run these commands and connect to your instance directly.
Gotcha Error: req.flash() requires sessions
If you try running your project locally, you will notice that your session store fails to initialize and things break – this happens since you likely do not have the REDIS_URL
set.
Production ready:
Note that redis on hobby dev will not allow SSL and to secure a production redis, you will need to pay for a production plan and add “stunnel” to your buildpack. (link)