I'm trying to login with passport session exrpess and mongodb, the problem is that it's not working on the client side (my session is created correctly even from the client, but when I have to enter a protected route the req.user returns undefined) I'm using axios to handle the requests to the server, as it says in the title, when I try it with postman to the same routes that I have on the client it works perfect...
**The server responds with the else of this function (located in passport.js): **
const checkAuthenticated = (req, res, next) => {
console.log("REQUEST USER", req.user)
console.log("BREAK HERE ", req.isAuthenticated())
if (req.isAuthenticated()){
console.log("DSADASDASDAS ", req.isAuthenticated())
return next()
}else{
// res.status(302).redirect("http://localhost:3000/login")
res.status(302).json({message: "??????"})
}
}
I suspect it has something to do with the deserialize or the way I handle requests on the client side, if you can help me I would appreciate it
CLIENT SIDE: login.jsx
async function handleVerify(e){
try {
e.preventDefault()
const query = await axios.post("http://localhost:8080/api/user/login", {
username: formValue.username,
password: formValue.password
});
console.log(query)
if(query.status === 302 || 200){
console.log("Login successfull") //last thing on console
const queryPost = await axios.get("http://localhost:8080/api/post/home", { //Breaks Here
withCredentials: true
})
console.log("DSADSADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", queryPost)
if(queryPost.status === 200){
navigate("/")
}
}else{
setFormValue({
username: "",
password: ""
})
}
} catch (error) {
console.log("HANDLE VERIFY ERROR ", error)
}
}
PASSPORT: passport.js
const passport = require("passport")
const LocalStrategy = require("passport-local").Strategy
const jwt = require("jsonwebtoken")
const secretKey = "123"
const controller = require("../controllers/userController")
passport.use("auth", new LocalStrategy(
async (username, password, done) => {
try {
const result = await controller.auth(username, password)
console.log("PASSPORT USER: ", result)
if(result.status === 200){
const serializedUser = {email: result.user[0].email}
const payload = {
username: result.user[0].username,
email: result.user[0].email
}
const token = jwt.sign(payload, secretKey, {expiresIn: "1h" })
console.log("token ", token)
// localStorage.setItem("token", token)
return done(null, serializedUser, token)
}else{
return done(null, false, {message: "Usuario no encontrado"})
}
} catch (error) {
console.log("PASSPORT AUTH ERROR ", error)
return done(null, error)
}
}
))
passport.serializeUser((user, done) =>{
console.log("SERIALIZED", user)
done(null, user.email)
})
passport.deserializeUser(async (email, done) =>{
try {
// const completeUser = await controller.getByEmail(email)
console.log("DESERIALIZED", email)
done(null, email)
} catch (error) {
console.log("DESERIALIZE ERROR ", error)
done(error)
}
})
const checkAuthenticated = (req, res, next) => {
console.log("REQUEST USER", req.user)
console.log("BREAK HERE ", req.isAuthenticated())
if (req.isAuthenticated()){
console.log("DSADASDASDAS ", req.isAuthenticated())
return next()
}else{
// res.status(302).redirect("http://localhost:3000/login")
res.status(302).json({message: "??????"})
}
}
const checkToken = (req, res, next) =>{
const token = req.headers.authorization?.split(" ")[1]
console.log("middle TOKEN ", token)
if(!token){
return res.status(401).json({message: "Token no proporcionada"})
}
try {
const decoded = jwt.verify(token, secretKey)
req.user = decoded
next()
} catch (error) {
return res.status(403).json(error)
}
}
module.exports = {
checkToken,
checkAuthenticated,
passport
}
SERVER INDEX: server.jS
require('dotenv').config();
const express = require("express")
const passport = require("passport")
const session = require("express-session")
const http = require("http")
const cors = require("cors")
const {checkToken, checkAuthenticated} = require("./security/passport")
const MongoStore = require("connect-mongo")
const sessionOpts = {
secret: "shhh",
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: "MONGOURL",
dbName: "test",
collectionName: "sessions"
})
}
const app = express();
const PORT = 8080;
app.use(cors({
origin: "http://localhost:3000",
credentials: true
}))
app.use(express.json())
app.use(express.urlencoded({ extended: true }))
app.use(session(sessionOpts))
app.use(passport.initialize());
app.use(passport.session());
const { router: userRouter } = require("./routers/api/user");
const { router: postRouter } = require("./routers/api/posts");
const interactionsRouter = require("./routers/api/interactions")
app.use("/api/user", userRouter)
app.use("/api/post", checkAuthenticated, postRouter)
app.use("/api/interactions", checkToken, interactionsRouter)
const server = http.createServer(app)
server.listen(PORT, () => {
console.log("Server running")
})
server.on("error", () => {
console.log("Something failed", "error")
})
POST ROUTES: post.js
const express = require("express");
const {Router} = express;
const router = Router();
const PostModel = require("../../models/post");
const controller = new PostModel
router.get("/home", controller.getAll)
router.post("/home/post", controller.post)
module.exports = {
router,
controller
}
USER ROUTES: user.js
const express = require("express");
const {Router} = express;
const router = Router();
const controller = require("../../controllers/userController")
const {passport} = require("../../security/passport");
const {checkAuthenticated} = require("../../security/passport")
router.post("/login", passport.authenticate("auth"),controller.verify)
router.post("/login/r", passport.authenticate("auth"), controller.register)
router.get("/logout", controller.logout)
module.exports = {
router,
controller
}
The flow goes until the serialization and creation of the session, then it doesn't work, I saw many similar problems but the answers of these did not help me
