The auth flow requires a session middleware to have been setup.
The httpAdmin express app sets up the session middleware, the httpNode app doesnt. If httpAdminRoot is /, then any request will pass through it first - attaching the session object to the request.
If httpAdminRoot is moved away from /, then requests to httpNode won't pass through it.
The fix in this PR is to setup a similar session middleware on the httpAdminRoot. The session middleware no-ops itself if a request it is passed already has req.session on it.
I have test this with the editor on the default /, as well as /editor - for both a regular HTTP node end point and DB2.
Fixes https://github.com/FlowFuse/flowfuse/issues/3513
Description
The auth flow requires a session middleware to have been setup.
The httpAdmin express app sets up the session middleware, the httpNode app doesnt. If
httpAdminRoot
is/
, then any request will pass through it first - attaching the session object to the request.If
httpAdminRoot
is moved away from/
, then requests tohttpNode
won't pass through it.The fix in this PR is to setup a similar session middleware on the httpAdminRoot. The session middleware no-ops itself if a request it is passed already has
req.session
on it.I have test this with the editor on the default
/
, as well as/editor
- for both a regular HTTP node end point and DB2.