help wanted
Métriques du dépôt
- Stars
- (6 073 stars)
- Métriques de merge PR
- (Merge moyen 8j) (2 PRs mergées en 30 j)
Description
Sometimes, there is the need to refresh the session ID without loosing the session data.
Examples:
- Refreshing session ID after authentication (to protect against session fixation attacks) https://www.owasp.org/index.php/Session_fixation https://github.com/jaredhanson/passport/issues/192
- Manually refreshing session ID before it expires (e.g. if the user wants to keep working after the maximum session lifetime, but we do not want the same session ID to be used)