Skip to main content
Version: Next


Session middleware for Fiber.


This middleware uses our Storage package to support various databases through a single interface. The default configuration for this middleware saves data to memory, see the examples below for other databases.


func New(config ...Config) *Store
func (s *Store) RegisterType(i any)
func (s *Store) Get(c fiber.Ctx) (*Session, error)
func (s *Store) Delete(id string) error
func (s *Store) Reset() error

func (s *Session) Get(key string) any
func (s *Session) Set(key string, val any)
func (s *Session) Delete(key string)
func (s *Session) Destroy() error
func (s *Session) Reset() error
func (s *Session) Regenerate() error
func (s *Session) Save() error
func (s *Session) Fresh() bool
func (s *Session) ID() string
func (s *Session) Keys() []string
func (s *Session) SetExpiry(exp time.Duration)

Storing any values are limited to built-ins Go types.


Import the middleware package that is part of the Fiber web framework

import (

After you initiate your Fiber app, you can use the following possibilities:

// Initialize default config
// This stores all of your app's sessions
store := session.New()

app.Get("/", func(c fiber.Ctx) error {
// Get session from storage
sess, err := store.Get(c)
if err != nil {

// Get value
name := sess.Get("name")

// Set key/value
sess.Set("name", "john")

// Get all Keys
keys := sess.Keys()

// Delete key

// Destroy session
if err := sess.Destroy(); err != nil {

// Sets a specific expiration for this session
sess.SetExpiry(time.Second * 2)

// Save session
if err := sess.Save(); err != nil {

return c.SendString(fmt.Sprintf("Welcome %v", name))


Expirationtime.DurationAllowed session duration.24 * time.Hour
Storagefiber.StorageStorage interface to store the session data.memory.New()
KeyLookupstringKeyLookup is a string in the form of "<source>:<name>" that is used to extract session id from the request."cookie:session_id"
CookieDomainstringDomain of the cookie.""
CookiePathstringPath of the cookie.""
CookieSecureboolIndicates if cookie is secure.false
CookieHTTPOnlyboolIndicates if cookie is HTTP only.false
CookieSameSitestringValue of SameSite cookie."Lax"
CookieSessionOnlyboolDecides whether cookie should last for only the browser session. Ignores Expiration if set to true.false
KeyGeneratorfunc() stringKeyGenerator generates the session key.utils.UUIDv4
CookieName (Deprecated)stringDeprecated: Please use KeyLookup. The session name.""

Default Config

var ConfigDefault = Config{
Expiration: 24 * time.Hour,
KeyLookup: "cookie:session_id",
KeyGenerator: utils.UUIDv4,
source: "cookie",
sessionName: "session_id",


const (
SourceCookie Source = "cookie"
SourceHeader Source = "header"
SourceURLQuery Source = "query"

Custom Storage/Database

You can use any storage from our storage package.

storage := sqlite3.New() // From

store := session.New(session.Config{
Storage: storage,

To use the store, see the Examples.