Session Storage
Storage adapters for transient authentication state (rate limits, locks, token tracking).
Available Adapters
| Adapter | Package | Use Case |
|---|---|---|
| Redis | @nauth-toolkit/storage-redis | Production (recommended, multi-server) |
| Redis Cluster | @nauth-toolkit/storage-redis | Production (high availability) |
| Database | @nauth-toolkit/storage-database | Production (single-server, low-traffic) |
important
Storage adapter is REQUIRED. You must configure either DatabaseStorageAdapter or RedisStorageAdapter. If you don't provide one explicitly, DatabaseStorageAdapter will be auto-created if storage entities are available in your TypeORM configuration.
Purpose
Session storage handles transient authentication data:
- Rate limiting counters
- Account lockout state
- Token reuse tracking
- MFA challenge data
- CSRF tokens
note
This is NOT user data storage. User accounts and sessions are stored in your database via TypeORM entities. See Database Packages.
StorageAdapter Interface
interface StorageAdapter {
get(key: string): Promise<string | null>;
set(key: string, value: string, ttlSeconds?: number): Promise<void>;
del(key: string): Promise<void>;
incr(key: string, ttlSeconds?: number): Promise<number>;
// Hash operations for complex state
hget(key: string, field: string): Promise<string | null>;
hset(key: string, field: string, value: string): Promise<void>;
hdel(key: string, field: string): Promise<void>;
hgetall(key: string): Promise<Record<string, string>>;
}
Related
- Database Packages - User/session entity storage