In my React app I need to keep users logged in for a certain amount of time, but I'm confused on how to do this and how it works. When a user logs in I want to create a session for them, and whenever that session is active I want to know their email address (stored in MongoDB) so I can send it along with any API requests to my backend to know which user is trying to load certain pages.
So far I know that I should be using Express Sessions, but I'm not sure what it's doing. When I have app.use(session // session info) in my app.js file does it create a session for every user that makes a request to the server?
If so, how do I check on the server if a user is logged in or not? For example, say a user goes to a protected page and has a session already, do I just check if req.session exists and then if it does show the page content?
