I'm making post or get request from react JS using Fetch api when requesting the session from the express-session always creating new session.
Backend
app.use(session({
secret: 'sec12',
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: keys.mongodb.dbURI,
autoRemove: 'native',
ttl: 9 * 60 * 60,
mongoOptions: {
useNewUrlParser: true,
useUnifiedTopology: true
}
})
}));
cors
var corsOptions = {
origin: 'http://localhost:3000',
methods: ['GET', 'POST'],
optionsSuccessStatus: 200,
credentials:true,
preflightContinue: true,
allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept']
}
app.use(cors(corsOptions))
and from the react JS
var requestOptions = {
method: 'POST',
headers: headers,
body: JSON.stringify(formData),
redirect: 'follow',
credentials: 'include',
};
fetch(url, requestOptions)
.then(response => {
if(response.ok){
return response.json()
}else{
return reject('Oppps... Something went wrong the backend server not found!')
}
})
.then(result => result?.error ? resolve(result) : resolve(result))
I Think, I figure it out.. just adding req.cookie once authenticated and parse it in every request.
put this script once the login is authenticated
res.cookie('access_token', token, { maxAge: 900000, httpOnly: true });
and then using cookieParser and parse this in every request
const cookieExtractor = req =>{
let token = null;
if(req && req.cookies){
token = req.cookies['access_token']
}
return token;
}
// MIDDLEWARE
passport.use(new JwtStrategy({jwtFromRequest : cookieExtractor, secretOrKey :
"secret01"}, async (payload, done)=>{
User.findById({_id : payload.sub},(err, user)=>{
if(err) {
return done(err,false);
}
if(user){
return done(null,user);
}else{
return done(null,false);
}
});
}));