Simple session middleware for Express
The express-session module is a simple session middleware for Express.
Questions tagged [express-session]
1209 questions
3
votes
2 answers
Cookies not storing in browser when using Passport with Express
I'm using passport-discord and passport to allow users to authenticate using their discord accounts.
For some reason, cookies aren't being stored in the browser (on frontend website), I use axios (withCredentials set to true in request options) to…
FC5570
- 163
- 4
- 12
3
votes
1 answer
express-session for cross-domain application not sending cookies
Setup
Backend: Express.js, express-session, connect-mongo, cors, modules working in Node.js host from Heroku (Free edition), and storing data to MongoDB Atlas (cloud-based Mongo solution)
Frontend: React.js, axios, working in Godaddy shared linux…
astroxii
- 146
- 2
- 8
3
votes
0 answers
Allow express-session to work properly in an iframe
Okay, simple problem, but I have no idea about how to approach it. I have an iframe that runs a server that uses express-session. However, the "connect.sid" cookie cannot save because the iframe and the parent site are cross-site. I would still like…
Flight Dude
- 133
- 7
3
votes
0 answers
Connect-mongo package with Jest leads to error "Jest did not exit one second after the test run has completed"
I built a middleware for session-based authentication with express-session package and as a session store I use the connect-mongo package.
When I run this Jest test:
//..
const createServer = require("./server") // <-- this line triggers the…
elMeroMero
- 752
- 6
- 18
3
votes
1 answer
Express-session creates new session every request
I put my node express server into production. In development, express-session worked fine (it stored session into cookies with MemoryStore). But now it creates a new session ID into MongoStore every time I refresh or make a request. Also, it doesn't…
AidaMati
- 51
- 1
- 7
3
votes
0 answers
req.session undefined for express app (using Okta middleware) in chrome but not safari
There are similar questions out there, but not that directly address why this application of express-session consistently works in Safari but not in chrome.
My server code is below, which only needs to authenticate a single page with a logged out…
Jake Durell
- 169
- 1
- 12
3
votes
3 answers
Grant Provider OAuth state mismatch when accessing the two application modules simultaneously on same browser and user is not logged in yet
I have been trying to implement Single SignOn(SSO). I have different frontend application modules which are running on different domain and they all utlize a single API server.
SSO Server https://sso.app.com
API Server https://api.app.com
Frontend…
Taimoor Ali
- 39
- 5
3
votes
1 answer
Cookie not set, even though it is in response headers. Using express-session cookies
Problem:
Trying to set the cookie on login using express-session, but think I'm missing something obvious. The response to the login POST request includes Set-Cookie. I've also set the Access-Control-Allow-Origin and Access-Control-Allow-Headers to…
gddh
- 71
- 1
- 5
3
votes
1 answer
[Express][Nodejs] How to decrypt express-session cookie during socket.io connection?
After successful login, userId and Name of the user are saved in a cookie.
server.js
const io = require('socket.io')(http)
const session = require('express-session')
const Allusers = [ {id: 1, name: 'Admin', username: 'admin', password: 'admin'}…
aditya
- 123
- 2
- 11
3
votes
0 answers
Is using cookie-based authentication in a cross-domain app a security risk?
I see that it's almost standard today to use JWT for modern applications, where the API and the front-end are totally separated, and served from a different server.
I know that browsers will not send cookies to different domains by default, but…
i.brod
- 3,993
- 11
- 38
- 74
3
votes
0 answers
Express-Session: Where the connect.sid values comes from?
Example if you run:
console.log('Connect.sid', req.headers.cookie);
Result of connect.sid value:
connect.sid=s%3A04x6YVZX68nRrhakd3SWuIMakDhuGptO.kyBVHe0HDI4pW1JeOl0xEopRYgQ51ZVlAKdfui7ii18
And if you log the req.sessionID the result is going to…
Ginko
- 357
- 1
- 2
- 8
3
votes
1 answer
Why are my express sessions not persisting and why am I getting a new session (or multiple sessions) created for each request
I have a basic node.js express app using express-sessions.
Please can someone help with why the sessions are not persisting and why a new session is created for every request.
The app itself is quite large so i have added a reduced case of the…
Joshvr27
- 71
- 7
3
votes
1 answer
NodeJS, VueJS, express-session. Cookies don't set on client side
I work with app, that already has its own infrastructure. The task is to integrate session-cookie mechanism. I spent a lot of time to understand why cookies doesn’t set on client side.
I. Briefly.
App settings:
Server: NodeJS
Port: 8081
Client:…
Gleb Tregubov
- 71
- 1
- 6
3
votes
3 answers
How to get persistent express session id in socket.io connection?
I am building a MEAN stack chat application. And I want to be able to get express session id inside socket.io on connection handler. I am able to access the socket.handshake.session.id but it is not the same as req.session.id. Further…
Anand Kashyap
- 63
- 1
- 9
3
votes
1 answer
How to implement session cookie based authentication in Vue.js?
I have a node.js (express, passport) application with rolling session authentication.
The application is simple enough, just login-password that returns the cookie for the session and a few API functions that are available only with…
Regs
- 321
- 1
- 3
- 11