session and cookie-parser conflict with each other

mcguinness / saml-idp

Simple SAML Identity Provider (IdP) for Node

MIT License

447 stars 172 forks source link

session and cookie-parser conflict with each other #44

Closed nlfiedler closed 6 years ago

nlfiedler commented 6 years ago

Using both expressjs/session and expressjs/cookie-parser means that the session management is actually not working. Since v1.5 session manages its own cookies, and having cookie-parser enabled as well causes a conflict. I tried having them share the same secret but it only make it worse. Removing cookie-parser completely at least gets the session working.

mcguinness commented 6 years ago

killed expressjs/cookie-parser