Skip to content

Latest commit

 

History

History
59 lines (46 loc) · 2.73 KB

overview-8-how-expiring-keys-work.md

File metadata and controls

59 lines (46 loc) · 2.73 KB

Let's delve deeper into how expiring keys work with real-world examples. Consider a common use case: a web application that uses Redis to manage user sessions.

Scenario: User Sessions

  1. User Login:

    • When a user logs into a web application, a unique session ID is generated for that user.
    • The session ID is associated with the user's information, such as user ID, username, and access permissions.
    const sessionId = generateUniqueSessionId();
const userId = 123;
const sessionData = { username: 'john_doe', isAdmin: false };

// Set the session key with an expiration time (e.g., 30 minutes)
client.set(`session:${sessionId}`, JSON.stringify(sessionData), 'EX', 1800);

  2. Checking User Authentication:

    • Throughout the user's interaction with the web application, the session ID is used to identify the user.
    • The web application checks the user's authentication by retrieving the session data from Redis.
    const sessionId = userProvidedSessionId;

// Check if the session key exists and retrieve the session data
client.get(`session:${sessionId}`, (err, sessionData) => {
  if (err) {
    console.error(err);
    // Handle error
  } else if (sessionData) {
    const userData = JSON.parse(sessionData);
    // User is authenticated, proceed with the request
  } else {
    // Session key does not exist or has expired
    // Redirect to login page or prompt for reauthentication
  }
});

  3. Expiration:

    • The session key in Redis is set to expire after a certain time (e.g., 30 minutes).
    • If the user remains active, each interaction with the web application resets the expiration time for the session key.
    const sessionId = userProvidedSessionId;

// Extend the expiration time of the session key (e.g., 30 minutes)
client.expire(`session:${sessionId}`, 1800);

  4. Automatic Cleanup:

    • If the user logs out or if the session remains inactive for the specified time, the session key automatically expires and is removed from Redis.

Summary:

  • The web application uses Redis keys to store session information, associating a unique session ID with user data.
  • The expiration time for the session key ensures that inactive sessions are automatically cleaned up, preventing the Redis database from storing unnecessary data.
  • The expiration time also adds a layer of security by limiting the validity period of a session, reducing the risk of unauthorized access if a session ID is compromised.

This is just one example of how expiring keys in Redis can be applied in a real-world scenario. The principle remains similar across various use cases where temporary data needs to be managed efficiently.