I am having this issue in my application. Whenever the browser refreshes it reassign the cookie with a new content and thus a new session id. It is the right behavior of a browser?
The application uses express and connect-tedious libraries of the nodejs. The user gets logged out because the cookie content and session id is now different whenever he does a refresh. Any suggestion on how to go about resolving this problem?
If it is your node server code that is responsible for setting the cookies for the user and the session (using the Set-Cookie header or generating a Javascript file for the client with the same), then it should also check for existing cookies in the request. When the page is reloaded, the request would come to your server again. At that point you can read the cookies that were passed to the server (which would include the cookie for session and user that were set the last time). If these cookies are found and are valid, the server should not generate a new cookie for the same.
Even if this logic does not reside on the server and is a part of your client side JS, the overall idea is the same. Do not create new cookies, if you can read the existing ones correctly.