Open deepakdingka opened 1 month ago
Thanks for reporting!
Can you provide steps to reproduce? We often need a reproducible example, e.g. some code that allows someone else to recreate your problem by just copying and pasting it. If it involves more than a couple of different file, create a new repository on GitHub and add a link to that.
Please find the attached code below
import fastify from 'fastify';
import fastifyCookie from '@fastify/cookie';
import fastifySession from '@fastify/session';
import connectRedis from 'connect-redis';
import grant from 'grant';
const RedisStore = new connectRedis(fastifySession);
const sessionStore = new RedisStore({ client: fastify.redisSession });
await fastify
.register(fastifyCookie)
.register(fastifySession, {
secret: sessionSecret,
cookie: {
secure: process.env.NODE_ENV !== 'localhost',
maxAge: 24 * 60 * 60 * 1000, // 24 hours, in milliseconds
},
store: sessionStore,
})
.register(
grant.fastify()({
defaults: {
origin: process.env.HOSTNAME,
transport: 'session',
state: true,
nonce: true,
prefix: '/login',
},
auth0: {
client_id: clientId,
client_secret: clientSecret,
scope: ['openid', 'profile', 'email', 'offline_access'],
redirect_uri: `${process.env.HOSTNAME}/authorized`,
subdomain: auth0_domain.slice(0, -10),
},
}),
);
await fastify.get('/authorized', async (request, reply) => {
console.log(request.session); // here it fails with session undefined
};
package.json
"@fastify/cookie": "^9.2.0",
"@fastify/session": "^10.9.0",
"connect-redis": "^6.1.3",
"grant": "^5.4.21",
"fastify": "^4.15.0"
That's not a reproducible example.
We are using auth0 tenant endpoints for SSO login, is there any way to replicate that?
You can also send a PR with a fix and a test. To implement the test you'll have to do that reproduction anyway.
Prerequisites
Fastify version
4.15.0
Plugin version
No response
Node.js version
18.x
Operating system
Linux
Operating system version (i.e. 20.04, 11.3, 10)
Docker image node:lts-alpine 3.18
Description
We have recently upgraded to version
10.9.0 of @fastify/session
following the latest security release. Subsequent to this update, we have encountered an issue where Fastify is unable to create a session object, As a consequence, the session field within the Fastify request object is undefined, which may impact session management and related functionalities.The following code snippet demonstrates how we configure the session inside the Redis store and manage authentication with Auth0:
Link to code that reproduces the bug
No response
Expected Behavior
No response