node.js express passport.js passport-local

getting redirected even with correct usr/pwd (express/passport-local)

I'm using passport-local for authentication. When starting from login page I do redirect where I should if usr/pwd is correct and redirect back to login when it's not, but if add the authentication requirement to a page I'm always getting redirected to the login page.

app.js

var express = require('express');
var passport = require('passport');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');

var indexRouter = require('./routes/index');
var authRouter = require('./routes/auth');
var listsRouter = require('./routes/lists');

var app = express();

require('./boot/auth')();

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(passport.initialize());
app.use(passport.authenticate('session'));

app.use('/', indexRouter);
app.use('/', authRouter);
app.use('/lists', listsRouter);

module.exports = app;

boot/auth.js

var passport = require('passport');
var Strategy = require('passport-local');

module.exports = function () {
    passport.use(new Strategy(function (username, password, cb) {
        if (checkUsrPwd()) {
            var user = {
                id: '1',
                username: 'my_user',
                displayName: 'user name'
            };
            return cb(null, user);
        } else {
            return cb(null, false, {
                message: 'Incorrect username or password.'
            });
        }
    }));

    passport.serializeUser(function (user, cb) {
        process.nextTick(function () {
            cb(null, {
                id: user.id,
                username: user.username
            });
        });
    });

    passport.deserializeUser(function (user, cb) {
        process.nextTick(function () {
            return cb(null, user);
        });
    });

};

routes/lists.js

const express = require('express');
const ensureLoggedIn = require('connect-ensure-login').ensureLoggedIn;
const router = express.Router();

router.get("/list", ensureLoggedIn('/'), (req, res) => {
  [...]
      res.contentType = 'application/json';
      res.render('list', {
        userData: items
      });
    };
  });
});

What did I miss?

Solution

I was missisng a line in my app.js

app.use(require('express-session')({ secret: 'keyboard cat', resave: false, saveUninitialized: false }));

After adding that everything is working fine.