Open Sid21m opened 7 years ago
Your secret must match between cookie-parser
and express-session
. Also you may want to use the expires
option as shown below.
app.use(cookieParser('asdf33g4w4hghjkuil8saef345')); // cookie parser must use the same secret as express-session.
const cookieExpirationDate = new Date();
const cookieExpirationDays = 365;
cookieExpirationDate.setDate(cookieExpirationDate.getDate() + cookieExpirationDays);
app.use(session({
secret: 'asdf33g4w4hghjkuil8saef345', // must match with the secret for cookie-parser
resave: true,
saveUninitialized: true,
cookie: {
httpOnly: true,
expires: cookieExpirationDate // use expires instead of maxAge
}
} ));
I'm having the same issue. For some reasons, I don't see the cookie in my browser so the next time I refresh the page, my session is lost.
If the cookie isn't lost, think about other situations that might impact:
Independent of Passport make sure you can establish and maintain a session.
I made a few more tests, and it seems it was because cors wasn't properly set. Thanks!
@tleunen - Could you please elaborate on how you fixed the issue by properly setting cors ?
This was so long ago. Sorry, can't remember at all.
hehe .. Just realised!
No worries. Thanks for the quick reply.
I am using express-session and middleware passport.session(). For serialization i use user object in session because I dont want to hit database every time I deserialize.
My front end : localhost app at port 80. Back end : node app at port 8080
Also I am using custom callbacks because I need to redirect to dynamic url (consisting of accesstoken and refreshtoken)created from user object
Here is my code (index.html):
(initial setup):
(passport code):
routes:
I am able to see req.user inside the route handler for auth/google/callback.
But when authentication is completed, I call POST /userProfile, req.isAuthenticated() returns false.
I think I am missing something here.??