Datsik Datsik - 4 months ago 15
Node.js Question

Koa-session getting reset after appending object to it?

I have a controller which looks up a character, and then does some stuff with it, the controller looks like:

router.post('/profile/characters', async ctx => {
try {
ctx.type = 'json';
let req = ctx.request;
if (!('charname' in req.body) || !('charserver' in req.body)) {
return res.json({
'success': false,
error: 'You are missing either the character name, or server'

let foundChar = await new Promise((res, rej) => {
origin: 'us',
realm: req.body.charserver,
name: req.body.charname,
fields: ['items', 'talents']
}, (err, charData) => {
if (err) {
return rej(err);
return res(charData);

if ('status' in foundChar) {
if (foundChar.status === 'nok') {
return ctx.body = {
'success': false,
error: 'There was an error looking up your character, please ensure its a US character, and has been logged into recently'

foundChar.items.level = foundChar.level;
foundChar.items.class = foundChar.class;
foundChar.items.thumbnail = foundChar.thumbnail;
foundChar.items.name = foundChar.name;

let {
items, talents
} = foundChar;

let specF = talents.find(x => x.selected) || {};
let charData = {
items, specF

if ('legs' in items || 'hands' in items || 'shoulder' in items) {
return ctx.body = {
success: false,
error: 'To verify it is your own character, please remove your (Shoulders, Hands, and Pants) from your character and try again.'

ctx.session.foundChar = foundChar; // This line here
ctx.body = {
success: true,

} catch (err) {
ctx.status = err.status || 500;
ctx.body = {
message: err.message

When it processes
ctx.session.foundChar = foundChar
it seems to reset my session for some reason, and logging the session shows
instead of

authenticated: true,
userid: 1

But if I change
ctx.session.foundChar = "Hello";
< Works just fine.

I don't know if there is a data limit or something to the session or what as this wasn't an issue with
but I'm trying to convert it all over to Koa, anyways not sure why my session is getting reset.

Example of what
looks like

{ userid: 1,
username: 'Blah',
authenticated: true,
userLevel: 5,
hasMainCharacter: true,
{ lastModified: 1453702285000,
name: 'Blah',
realm: 'Mal\'Ganis',
battlegroup: 'Vindication',
class: 4,
race: 5,
gender: 0,
level: 100,
achievementPoints: 6335,
thumbnail: 'internal-record-3684/9/119507209-avatar.jpg',
calcClass: 'c',
faction: 1,
{ averageItemLevel: 714,
averageItemLevelEquipped: 573,
head: [Object],
neck: [Object],
back: [Object],
chest: [Object],
wrist: [Object],
waist: [Object],
feet: [Object],
finger1: [Object],
finger2: [Object],
trinket1: [Object],
trinket2: [Object],
mainHand: [Object],
offHand: [Object],
level: 100,
class: 4,
thumbnail: 'internal-record-3684/9/119507209-avatar.jpg',
name: 'Blah' },
talents: [ [Object], [Object] ],
totalHonorableKills: 258 } }

So this logs properly, but then after refreshing the page im no longer authenticated and



Your problem is, because of koajs/session usage which is

Simple cookie-based session middleware for Koa.

Which means when ctx.session is being serialized into json and stored in cookie after each request and is being deserialized before each request.

Unfortunately cookie has limited size and when you try to store big object into it with ctx.session.foundChar = foundChar it exceeds maximum cookie size and results currupted session cookie.

For same reason ctx.session.foundChar = "Hello" works, because json size does not exceed max cookie size.


Use db based storage for session, good choice for it could be koa-session-storage.

Look https://github.com/hiddentao/koa-session-store#session-storage-layer for configuration options.