0

I can authenticate with facebook and everyauth but it doesn't work without the session module plugged in. The error message is...

Step getSession of facebook is promising: session ; however, the step returns nothing. Fix the step by returning the expected values OR by returning a Promise that promises said values.

I don't want my app to use session.

Is it using it to store the user id of the authenticated user? If so, surely it could just put it in a cookie and encrypt it.

Ian Warburton
  • 15,170
  • 23
  • 107
  • 189

1 Answers1

1

You can use cookie-session for cookie-based session if you're not willing to use express' session middleware.

Julian H. Lam
  • 25,501
  • 13
  • 46
  • 73
  • Probably not very secure. I will stick with server side session for now. ASP.net does a good job of authentication cookies. – Ian Warburton Oct 22 '14 at 00:34