Search code examples
javascriptnode.jsexpressauthenticationexpress-session

Is express-session not working with express 4.13?

So I've set the session according to the documentation for express-session, as far as I can tell. But my cookie is not getting created! According to the documentation, all you have to do is set the request.session value and the cookie should automatically be set. I'm not sure what voodoo enables this, but the magic seems to be broken. Just to be sure I verified against the example given here. Am I wrong? Are these missing some key info?

   //login route handler
   app.post('/users/login/', function (req, res) {

   //... get the row from DB, check the pass then set session

   this.bcrypt.compare(password, row.hashed, function(err, passwordsMatch) {
            if( passwordsMatch === true)
            {
                //set the session variable 'user'
                req.session.user = row;
                res.send(row);
            }
        });

So I wonder am I doing something wrong, or is there a bug with the latest? I can check my database and I do see correct session variables on the rows in my session table! 

//Here's my "configuration" of express-session. 
app.use(function (req, res, next) {
    res.header('Access-Control-Allow-Credentials', 'true');
    next();
});

var storeOptions = {
  //my database options (this works, it makes rows in db table)
};

var sessionStore = new SessionStore( storeOptions );

app.use(session({
    name:'yay_session',
    secret: 'some secret this is now',
    resave: true,
    saveUninitialized: false,
    cookie: { maxAge: 600000,httpOnly: false, domain:'localhost' },
    store: sessionStore
}));

Why is my client-side cookie not getting set? It does not show up in resources debug panel. So I'm wondering if there's a bug with the latest 4.13.3 version working in tandem with express-session 1.11.3. This is latest as of Aug 27.

Solution

  • Use the below code for session to work normally in EXPRESS JS V 4: - 

        var express = require('express');
    var session = require("express-session");
    var cookieParser = require('cookie-parser');
    var app = express();
    app.use(cookieParser());
    var MemoryStore =session.MemoryStore;
    app.use(session({
        name : 'app.sid',
        secret: "1234567890QWERTY",
        resave: true,
        store: new MemoryStore(),
        saveUninitialized: true
}));