multiple sessions in passport.js

Question

middieware setup

var session = require('express-session');
var passport = require('passport');
app.use(session({
secret: 'secret',
saveUninitialized: true,
resave: true
}));
app.use(passport.initialize());
app.use(passport.session());

i have two seperate users to login. one is customer and another one is merchent

customer passport session code

var passport = require('passport');
var Strategy = require('passport-local').Strategy;
app.post('/login',
passport.authenticate('local', {successRedirect:'/customer/home',    failureRedirect:'/customer/login',failureFlash: true}),
function(req, res) {
  req.session.user=user;
  res.redirect('/customer/home');
});
passport.serializeUser(function(user, cb) {
cb(null, user._id);
});

passport.deserializeUser(function(id, cb) {
data.customerid(id, function (err, user) {
  if (err) { return cb(err); }
  cb(null, user);
});
});

passport.use(new Strategy(
function(username, password, cb) {
  data.customerlogin(username, function(err, user) {
    if (err) { 
        return cb(err); 
    }
    if (!user) {
         return cb(null, false); 
        }
    if (user.password != password) { 
        return cb(null, false); 
    }
    return cb(null, user);
});
}));

it is working for one user how to create another session for merchent who is a another user

Hope this solves : https://stackoverflow.com/questions/43837099/how-to-manage-multiple-session-in-express-js — Mahendra suthar, Feb 16 '19 at 14:50
somehow session is working but the session 1 is overwriting the data of the session 2. when i logged in with session and then trying to login in session2 the cookie data of session 2 is over wriitten by session 1 — Tarun, Feb 17 '19 at 03:39

score 0 · Answer 1 · answered Feb 19 '19 at 08:34

The first issue is probably this

function(req, res) {
  req.session.user=user;
  res.redirect('/customer/home');
});

The user in req.sessson.user = user is most likely undefined. I'd advice reviewing the logic that you're trying to achieve here and recheck if the code implements the logic.

It's probably simpler to have only one session. The session would either be in customer role or merchant role. The user would then have access to parts of the web application depending on the role.

multiple sessions in passport.js

1 Answers1