Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

passport.deserializeUser not called when session uses external session storage

See original GitHub issue

If koa-session is initialized with external sotage (not cookies), then passport.deserializeUser will be never called. As a result method isAuthenticated will never work as expected.

Issue Analytics

State:
Created 5 years ago
Reactions:3
Comments:12 (5 by maintainers)

Top GitHub Comments

1reaction

ilaipicommented, Dec 11, 2018

I switch to koa-session-minimal and koa-redis, and keep koa-passport, and then the problem resolved.

so I think this problem may be caused by koa-session lib.

0reactions

klandellcommented, Jun 5, 2019

I’m a bit late to the game here, but I was having this same issue where passport.deserializeUser was never called when using an external store with koa-session and koa-passport. The unfortunate cause of my struggles was not realizing that I had to store the entire sess argument instead of just the unique key within it that I was interested in. I blame that on poor documentation…

If anyone else hits this, I wrote this minimal working memory store that you can drop in for debugging to verify that it is your store implementation that has the problem and not koa-session or koa-passport.

const memStore = {
  data: {},
  write(key, sess) {
    const { data } = this;
    return new Promise(resolve => {
      data[key] = sess;
      resolve();
    });
  },
  read(key) {
    return Promise.resolve(this.data[key]);
  },
  del(key) {
    const { data } = this;
    return new Promise(resolve => {
      data[key] = undefined;
      resolve();
    });
  },
};

module.exports = {
  get(sid) {
    return memStore.read(sid);
  },
  async set(sid, session) {
    await memStore.write(sid, session);
  },
  async destroy(sid) {
    await memStore.del(sid);
  },
};

Top Results From Across the Web

deserializeUser not called when user session shared ... - GitHub

I'm trying to deserialize users and authenticate them on my wiki app localhost:8000, when they are logged in with passport on my main...

PassportJS deserializeUser never called - node.js

Have you use() 'd passport.session() middleware? Like in this example: ... Apparently in this case req.login() will not be called (which calls deserialize)....

Passport.js - Documentation

When the session is authenticated, Passport will call the deserializeUser function, which in the above example is yielding the previously stored user ID, ......

How to use the passport.initialize function in passport - Snyk

sync(); // First, our session middleware will set/read sessions from the request. // Our sessions will get stored in Mongo using the same...

The Ultimate Guide to Passport JS - DEV Community ‍ ‍

Session Based Authentication - Utilizes browser Cookies along with backend "Sessions" to manage logged-in and logged-out users.