Hello i am building an app that is using passport-twitter to authenticate the user, im able to succesfully login the user using twitter credentials, but i would like for the user when we sign out (destroy the session), so the cookie is also destroy, so everytime the user comes back to the app, he needs to authenticate again. so im guessing my session has to be modified but i dont know how.
app.use(session({
secret: "our-passport-local-strategy-app",
resave: true,
saveUninitialized: true
}));
any help is appreciated
Try to use Passport's official approach for logging out. The request object has a decorator that it can be used. If you are using Express.js 4.x the 'result' object has cookie manipulating decorators as well.
app.get('/logout', function(req, res){
// Destroy the session if any
req.logout();
// Clear the specified cookies
res.clearCookie('your_key');
// Redirect to homepage
res.redirect('/');
});