Currently (v 0.20.X) user session are stored using memorystore, and it can't be changed since it's hardcoded in the file node_modules@node-red\editor-api\lib\auth\index.js
under the code
`
var crypto = require("crypto")
var session = require('express-session')
var MemoryStore = require('memorystore')(session)
adminApp.use(session({
// As the session is only used across the life-span of an auth
// hand-shake, we can use a instance specific random string
secret: crypto.randomBytes(20).toString('hex'),
resave: false,
saveUninitialized: false,
store: new MemoryStore({
checkPeriod: 86400000 // prune expired entries every 24h
})
}));
`
Express-session support a large variety of stores, and it would be nice if the user was able to select his preferred store.
Don't know if this impact other aspects but as of my current understanding is just matter to make the string 'memorystore' customizable.
Ivan.