Search code examples
node.jsexpress-session

Session token isn't storing and isn't viewable from browser

I'm trying to setup a session storage of a userID for an app im working on and I cannot for the life of me get express-session to work.

I've checked out a ton of stack overflow posts, tutorials, and other websites and followed all of the instructions there to no avail. The cookie doesn't even appear in the browser. I've tried changing the order of the .use as well and no other location worked.

Here's the code

const session = require('express-session');
const cookieParser = require('cookie-parser');
const App = require('./app');

var app = new App();
const server = express();
const port = process.env.PORT || 3030;

server.use(cors());
server.use(express.static(path.join(__dirname, buildPath)));

server.use(cookieParser());

server.use(session({
  key: 'user_sid',
  secret: 'somerandonstuffs',
  resave: false,
  saveUninitialized: false,
  cookie: {
    maxAge: 10000,
    secure: false,
    ttpOnly: false
  }
}));

server.use((req, res, next) => {
  console.log(req.cookies);
  console.log(req.session);
  if (req.cookies.user_sid && !req.session.user) {
    res.clearCookie('user_sid');
  }
  next();
});

server.get('/api/userRole', async (req, res, next) => {
  try {
    const role = await app.userRole(req.query.userID, req.query.email);
    res.send({ role });
    req.session.user = req.query.userID; //assign
  }
  catch (error) {
    next(error);
  }
});

server.get('/api/music', async (req, res, next) => {
  try {
    console.log(req.session.user) //returns undefined
    const uid = req.query.user;
    app.checkAuth(uid, app.constants.roles.member);
    const music = await app.music(req.query.status);
    res.send(music);
  }
  catch (error) {
    next(error);
  }
});

And here is the result from the console logs

{}
Session {
  cookie: 
   { path: '/',
     _expires: 2019-07-19T22:01:58.342Z,
     originalMaxAge: 10000,
     httpOnly: false,
     secure: false } }
{}
Session {
  cookie: 
   { path: '/',
     _expires: 2019-07-19T22:01:58.387Z,
     originalMaxAge: 10000,
     httpOnly: false,
     secure: false } }
undefined

All I can seem to get as a response is undefined. Any idea what might be going wrong? Thanks in advance for any help.

Solution

  • You need to set up a storage option for express-session. The easiest one to set up is session-file-store, but I'd recommend using something like connect-redis for a production environment.

    You then pass the session storage instance to the express-session options like this:

    var session = require('express-session');
var FileStore = require('session-file-store')(session);

var fileStoreOptions = {};

app.use(session({
   store: new FileStore(fileStoreOptions),
   secret: 'keyboard cat'
}));