Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Passport.js does not work with cookieSession (Express.js)
See original GitHub issueI’m using Passport to log in with Facebook or Twitter into my service. Since MemoryStore is not intended for production and I’m not going to store much information into the session, I wanted to use cookieSession, but it doesn’t work:
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.cookieParser());
app.use(express.cookieSession({ secret: 'keyboard cat', cookie: {maxAge: 60 * 60} }));
app.use(passport.initialize());
app.use(passport.session());
app.use(app.router);
It works as expected if I repace cookieSession() with session():
app.use(express.session({ secret: 'keyboard cat' }));
Issue Analytics
- State:
- Created 10 years ago
- Comments:15 (2 by maintainers)
Top Results From Across the Web
Expressjs cookie-session settings not working with ...
I'm trying to call my /auth/user endpoint to get the current user that's logged into my website. But because of the new Chrome...
Read more >Authenticate Users With Node ExpressJS and Passport.js
Let's start by installing ExpressJS (server framework), body-parser (parses incoming request bodies), and express-session (cookie-based session middleware). npm ...
Read more >Authenticate Users with Passport and express-session
In today's post, I'll be talking about how to authenticate users with sessions. On top of express-session and passport. So before firing up,...
Read more >Express cookie-session middleware
cookie -session does not require any database / resources on the server side, ... This is a Node.js module available through the npm...
Read more >Disabling Sessions in Passport.js
This session is maintained via a cookie in the user's browser. However, in some cases, session support is not required. For instance, API ......
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
SOLVED! 😄
It was my fault, nothing to do with passport. I was provisionally serializing full facebook profile into the session (like you did in the passport-facebook project’s example), without taking into account that it doesn’t fit into a cookie! That’s why it was working using the default MemoryStore and failing with cookieSession. It works as expected if you serialize less information.
Hope it helps, @mlehtinen 😃.
This still seems to be an issue. Unfortunately I don’t have time to isolate and test right now but I don’t think this is as simple as trying to write too much data to the cookie. I keep running into an issue where it wants to deserialize the user despite the fact that the user doesn’t exist yet. Replacing
cookie-sessionwithexpress-sessionfixes the problem.Will hopefully have more time to figure out what’s wrong soon and then I’ll report back.