SaaSHub helps you find the best software and product alternatives Learn more →
Nodejs-firestore-session Alternatives
Similar projects and alternatives to nodejs-firestore-session
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
nodejs-firestore-session reviews and mentions
-
The Google 0-day all Infostealer groups are exploiting
I generally believe it. Google's security team has been lax on cookie security. I reported an issue earlier this year about non-expiring session cookies, they said it was previously reported in 2019. The bug remains [1]. Sadly other Google projects use this code...
Historically they've been quick to patch things I've reported, so it feels like a decline.
[1] https://github.com/googleapis/nodejs-firestore-session/issue...
-
Stop using JSON Web Tokens for user sessions
The lack of logout and XSS are problems, but I ran into a couple apps that completely forgot to expire sessions due to lacking framework support. In nodejs's cookie-session and @google-cloud/connect-firestore sessions never expire. This issue impacts downstream software including, awkwardly enough, Google's Passkey demo apps. There isn't interest in fixing this.
Make sure your app is actually using a JWT framework, not a lesser version, and implements basic security practices.
[1] https://github.com/expressjs/cookie-session
[2] https://github.com/googleapis/nodejs-firestore-session
-
Show HN: WebSession, a Secure Replacement for Cookies
Surprisingly, there's several cookie-based approaches that forget to handle any sort of server-side expiration. Here's one:
https://github.com/googleapis/nodejs-firestore-session/issue...
I agree that WebSession would benefit from a time since last touched expiration, although I'll point out that a time-based approach doesn't handle the "when device is locked" requirement.
-
A note from our sponsor - SaaSHub
www.saashub.com | 6 May 2024
Stats
googleapis/nodejs-firestore-session is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of nodejs-firestore-session is TypeScript.
Popular Comparisons
Sponsored