[Question]: Warning concerning connect.session() MemoryStore not designed for prod environment

[ringhofd]

Contact Details

No response

What is your question?

I've encountered the following warning, doesn't install confidence.
With previous versions I didn't experience this log message.

Could this be fixed?

More Details

Warning: connect.session() MemoryStore is not
designed for a production environment, as it will leak
memory, and will not scale past a single process.

What is the main subject of your question?

Other

Screenshots

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

[danny-avila]

The dependency issuing a warning is only being used for OpenID. This is not a concern if you aren’t using it, and minimal if your user base is not in the 1000s.

The MemoryStore can be mitigated with redis or db. This app in is “pre-release”, meaning it’s not tuned up to production levels across the board, and this is one such area where this is the case. There are several other caches created in the servers lifespan that would greatly benefit from using Redis, and some architecture is already there to support it, but is not a priority until we get to a release state.

I’ll plan to add more documentation for this and a more informative warning for admins using OpenID oauth.

[danny-avila]

Single file where express-session is used: https://github.com/danny-avila/LibreChat/blob/main/api/server/socialLogins.js
Related stackoverflow: https://stackoverflow.com/questions/44882535/warning-connect-session-memorystore-is-not-designed-for-a-production-environm

[danny-avila]

It’s also not a concern if you aren’t needing to spin up several instances of the server.

[danny-avila]

Actually addressing this in an upcoming PR but will require use of Redis