How do I verify the integrity of the session cookie on every page, and should it be refreshed?

node.js React.js

Itachi

2020-03-26

I have PassportJS authentication set up on my app, with strategies for Facebook, Twitter and Google as well as a local strategy. This is what my auth routes currently look like:

// /routes/auth-routes.js

import connectRedis from 'connect-redis';
import cookieParser from 'cookie-parser'; // req.cookies (used in /logout) is only populated once cookie-parser runs
import express from 'express';
import session from 'express-session';
import uuidv4 from 'uuid/v4';

import facebook from './auth-providers/facebook';
import google from './auth-providers/google';
import local from './auth-providers/local';
import twitter from './auth-providers/twitter';

const RedisStore = connectRedis(session);
const router = express.Router();

// Only follow relative, same-site callback paths; anything else (absolute URLs,
// protocol-relative "//host") would turn /logout into an open redirect.
const safeCallback = (cb) => (typeof cb === 'string' && /^\/(?!\/)/.test(cb) ? cb : '/');

router.use(cookieParser());
router.use(session({
  name: process.env.SESSION_COOKIE,
  genid: () => uuidv4(),
  cookie: {
    httpOnly: true,
    // Note: Strict cookies are not sent on the cross-site top-level redirect back
    // from the social providers, so OAuth callbacks may arrive without a session.
    sameSite: 'strict',
    // Consider secure: true once the app is served over HTTPS.
  },
  secret: process.env.SESSION_SECRET, // used to HMAC-sign the session id stored in the cookie
  store: new RedisStore({
    host: process.env.REDIS_HOST,
    port: process.env.REDIS_PORT,
    ttl: 1 * 24 * 60 * 60, // In seconds
  }),
  saveUninitialized: false,
  resave: false,
}));

// Social auth routes
router.use('/google', google);
router.use('/twitter', twitter);
router.use('/facebook', facebook);
router.use('/local', local);

// Logout
router.get('/logout', (req, res) => {
  req.logout();
  const cookieKeys = Object.keys(req.cookies);
  if (cookieKeys.includes(process.env.USER_REMEMBER_COOKIE)) {
    console.log('REMEMBER COOKIE EXISTS!');
    // Keep the session and remember-me cookies, clear everything else.
    const rememberCookie = process.env.USER_REMEMBER_COOKIE;
    const sessionCookie = process.env.SESSION_COOKIE;
    cookieKeys.forEach((cookie) => {
      if (cookie !== rememberCookie && cookie !== sessionCookie) res.clearCookie(cookie);
    });
    res.redirect(safeCallback(req.query.callback));
  } else {
    console.log('NO REMEMBER');
    // No remember-me cookie: destroy the server-side session, then clear every cookie.
    req.session.destroy(() => {
      cookieKeys.forEach((cookie) => {
        res.clearCookie(cookie);
      });
      res.redirect(safeCallback(req.query.callback));
    });
  }
});

// The file uses ES module imports, so export the router the same way.
export default router;

As you can see, I'm using Redis to store the session cookie, which is then sent to the server along with all the other cookies on every page reload. Here is my question:

Is this enough? Should I verify the integrity of the received session cookie by looking it up in the Redis store? But if I do that on every page load, won't that hurt performance? What is the standard way of handling this?

The repo is at https://github.com/amitschandillia/proost/blob/master/web

Post #3746, "How do I verify the integrity of the session cookie on every page, and should it be refreshed?", from Winter's site (https://github.com/aiyld/aiyld.github.io)

0 answers
