Passport does not support persistent login sessions

I first looked at regular sessions with a passport, mongodb and express, but this did not help and did not make sense.

I am trying to get persistent logins with my website. My serialization process is not working.

    // Passport needs to be able to serialize and deserialize users to support persistent login sessions
    passport.serializeUser(function(user, done) {
        console.log('serializing user:', user.username);
        // return the unique id for the user
        return done(null, user._id);
    });

    // deserializeUser will be called with the unique id provided by serializeUser
    passport.deserializeUser(function(id, done) {
        User.findById(id, function(err, user) {
            // user is missing on a lookup error or a stale session id
            if (err || !user) {
                return done(err, false);
            }
            console.log('deserializing user:', user.username);
            return done(null, user);
        });
    });

The entire passport file can be found on github.

I think the problem is that I get deserialized immediately, or at least that is what the console.logs show.

Or it could be with my session:

    app.use(session({
        secret: 'keyboard cat',
        cookie: {
            maxAge: 3600000 // see below
        }
    }));

Here is my user schema:

    var userSchema = new mongoose.Schema({
        username: String,
        password: String, // hash
        created_at: { type: Date, default: Date.now }
    });

Thanks for the help!

+5
3 answers

Your problem is not with Passport or your back end. It is on the front end, which uses Angular. You set $rootScope.authenticated when the user takes an action to log in, but you need to check with the server each time the application is initialized by calling your API to see if the user is already logged in.

So maybe in routes/api.js create a route router.route('/current_user') that should either return null (or some kind of guest user object) or return the current user information, so that your Angular front end will know if the user is logged in or not, and have some user information to work with. If /api/current_user provides the user, then you know that you are logged in, and you can set $rootScope.authenticated = true.

+2

The link you referred to, persistent sessions with a passport, mongodb and express, speaks of the old version of the Express framework; the one that you use in your package.json, https://github.com/manu354/teecher/blob/master/package.json, "express": "~4.13.1", is very new.

You need to move these lines:

    app.use(passport.initialize());
    app.use(passport.session());

a bit, so that they are immediately under app.use(session({...}))

I would recommend you follow this blog post, http://mherman.org/blog/2015/01/31/local-authentication-with-passport-and-express-4/; this will definitely help you.

+3

Just posting in case this helps someone.

Check if your client / browser follows the Set-Cookie header.

In my case, it worked fine in Safari, but not in Chrome or Firefox. It is clear that the problem with the client side does not exist, because the browser does not indicate the code on the server side. One of the differences between Safari and Chrome / Firefox was that a fetch polyfill was used in Safari, while Chrome and Firefox supported it natively. fetch does not use the Set-Cookie header unless you provide credentials in your parameters.

0
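
An added example covering the /api/current_user suggestion and the fetch credentials point from the answers above; it is not code from the thread or from the asker's repository. `restoreSession`, `fakeFetch`, `demo` and the sample record are hypothetical names, and the stub stands in for the browser, Express and Passport so the block runs offline.

```javascript
// Server: Express-style handler for the suggested /api/current_user route.
// req.user is set by passport.session() once deserializeUser has run.
function currentUser(req, res) {
  if (!req.user) return res.json(null); // no valid session: guest
  // Allow-list the fields; the user document also carries the password hash.
  return res.json({ id: String(req.user._id), username: req.user.username });
}

// Client: ask the server on every application start rather than trusting a
// flag that lives only in memory. Setting `credentials` explicitly makes fetch
// send the session cookie even where the implementation's default is 'omit'.
async function restoreSession(fetchImpl, rootScope) {
  const res = await fetchImpl('/api/current_user', { credentials: 'same-origin' });
  const user = res.ok ? await res.json() : null;
  rootScope.authenticated = user !== null;
  return user;
}

// Constructed stand-in for browser + Express + Passport (assumption, offline).
// It models a client that attaches the cookie only when credentials are set.
function fakeFetch(sessionUser) {
  return async (url, opts = {}) => {
    const sendsCookie = ['same-origin', 'include'].includes(opts.credentials);
    let body = 'null';
    const res = { json: (value) => { body = JSON.stringify(value); } };
    currentUser({ user: sendsCookie ? sessionUser : undefined }, res);
    return { ok: true, json: async () => JSON.parse(body) };
  };
}

async function demo() {
  // Constructed sample record shaped like the question's userSchema.
  const stored = { _id: 'id-123', username: 'alice', password: '<bcrypt hash>' };
  const scope = {};
  const withCookie = await restoreSession(fakeFetch(stored), scope);
  const noCreds = await fakeFetch(stored)('/api/current_user'); // credentials omitted
  return { scope, withCookie, withoutCredentials: await noCreds.json() };
}
```

In an Express application the handler would be mounted as router.route('/current_user').get(currentUser), after app.use(session(...)), passport.initialize() and passport.session().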

Source: https://habr.com/ru/post/1235477/
