passport.deserializeUser not called when session uses external session storage

[SkeLLLa]

If koa-session is initialized with external sotage (not cookies), then passport.deserializeUser will be never called. As a result method isAuthenticated will never work as expected.

[ddtramp]

me to, how to resolve this problem am using redis store

[rkusa]

Maybe the same as #123. The following points would be helpful:

• does it work with passport (not koa-passport)
• provide an ready-to-test example

🙃

[ilaipi]

hello, any process on this?

[ilaipi]

I switch to koa-session-minimal and koa-redis, and keep koa-passport, and then the problem resolved.

so I think this problem may be caused by koa-session lib.

[rkusa]

If using koa-session-minimal does not solve the issue, feel free to reopen with details like

• does it work with passport (not koa-passport)
• provide an ready-to-test example

[wight554]

Got the same issue with mongodb as session storage, it works only with koa-session-minimal even with passport, using koa-session-minimal is nice solution, but it's pretty outdated (tried both koa-session and koa-generic-session with few mongostore variants, no luck) Can provide examples if anyone still interested in fixing this

[rkusa]

Can provide examples if anyone still interested in fixing this

I am still open to having a look, if I can get my hands at a minimal ready to test example 👍

[wight554]

https://github.com/wight554/koa-blog hope that example is sane code there works right now, but if u replace koa-session-minimal with koa-generic-session or any other session middleware it doesn't work anymore left fixme here https://github.com/wight554/koa-blog/blob/master/index.js#L21

[rkusa]

@wight554 Thanks for the example! I debugged a bit I think the issue actually comes from koa-generic-session-mongo. To confirm this, I tried the example given in the README of https://github.com/pavelvlasov/koa-generic-session-mongo and even its example does not work.

Since the README of koa-generic-session states:

Notice: koa-session support external store now, please migrate to koa-session.

I'd suggest using https://github.com/koajs/session and using something other than the generic-session stores

[wight554]

it's really weird, tried all available koa mongo store middlewares, nothing really worked without koa-session-minimal (actually that's only one I've tried with minimal, but other haven't worked with other session middlewares) thanks for help anyway

[rkusa]

To explain the issue I saw a bit: It seems like getting a session from the mongo store does not return the result, but something that seems to be missing an additional yield. koa-session-minimal was the only middleware wrapping this result into an additional co. I think this additional co did the trick to extract the result.

[klandell]

I'm a bit late to the game here, but I was having this same issue where passport.deserializeUser was never called when using an external store with koa-session and koa-passport. The unfortunate cause of my struggles was not realizing that I had to store the entire sess argument instead of just the unique key within it that I was interested in. I blame that on poor documentation...

If anyone else hits this, I wrote this minimal working memory store that you can drop in for debugging to verify that it is your store implementation that has the problem and not koa-session or koa-passport.

const memStore = {
  data: {},
  write(key, sess) {
    const { data } = this;
    return new Promise(resolve => {
      data[key] = sess;
      resolve();
    });
  },
  read(key) {
    return Promise.resolve(this.data[key]);
  },
  del(key) {
    const { data } = this;
    return new Promise(resolve => {
      data[key] = undefined;
      resolve();
    });
  },
};

module.exports = {
  get(sid) {
    return memStore.read(sid);
  },
  async set(sid, session) {
    await memStore.write(sid, session);
  },
  async destroy(sid) {
    await memStore.del(sid);
  },
};