I am implementing session storage using Node / Express / Mongo. My problem is that I cannot get any sessions from my sessions collection, so I cannot determine if the user has already been registered.
I use MongoSkin, MongoStore and mongo-connect, although I do not mind using Mongoose and other tools.
Here is my debug output:
// Check whether the current user has a session. // If so, adds "currentUser" to the request. // Else, redirect to the login page. function loadUser(req, res, next) { console.log("loadUser: checking loadUser..."); var db = req.db; console.log("current req.session.token:"); console.log(req.session.token); console.log("current req.session:"); console.log(req.session); if (req.session.token) { // Look up the session id in the database 'sessions' collection. db.collection('sessions').findOne({token : req.session.token}, function(err, user) { console.log("found user by looking up token:"); console.log(user); if (user) { req.currentUser = user; next(); } else { console.log("token not in 'sessions', redirecting..."); res.redirect('/login/webapp_login.html'); } }); } else { console.log("no token, redirecting..."); res.redirect('/login/webapp_login.html'); } }
And here is the console output:
loadUser: checking loadUser... current req.session._id: 53acb8e1b7b297dc29681def current req.session: { cookie: { path: '/', _expires: null, originalMaxAge: null, httpOnly: true }, isLogged: 21, username: 'sessiontest1', token: '57a6dfe0bea9150bd4e2d1f76974e88b', } found user by looking up token: null token not in 'sessions', redirecting...
As well as:
db.collection('sessions').find(req.session._id, function(user) {
I also tried:
db.collection('sessions').findOne({session:{token:req.session.token}}, function(err, user) {
but i still get null and the function redirects. Am I missing something? Any suggestions would be helpful. I use MongoSkin, although I am also open to solutions in Mongoose.
In addition, I know that my database is configured correctly because I checked the command line:
> db.sessions.find().pretty() { "_id" : "vnftBGNFVQ3S4lHiIB_omOxWDu01kFuH", "session" : "{\"cookie\":{\"originalMaxAge\":null,\"expires\":null,\"httpOnly\":t rue,\"path\":\"/\"},\"isLogged\":6}", "expires" : ISODate("2014-07-09T03:44:54.863Z") } { "_id" : "-AMKc_kIzOOAn_eQJ6RJpvTgWoargLaJ", "session" : "{\"cookie\":{\"originalMaxAge\":null,\"expires\":null,\"httpOnly\":t rue,\"path\":\"/\"},\"isLogged\":20,\"username\":\"sessiontest1\",\"token\":\"57a6dfe0bea 9150bd4e2d1f76974e88b\"}", "expires" : ISODate("2014-07-11T06:35:14.835Z") }
What is going wrong and why can't I get a session from the sessions collection?
Update launch
db.collection ('sessions'). find ({"session": /./}, function (err, user) {
gives me a conclusion, so I believe that the problem is with the record with a field in the session field line. The session field specified in the database output above is problematic because it is one long string and not a nested JSON.
Also, my sessions entries are automatically added after adding this to my app.js :
app.use(expressSession({ secret: 's3cretc0de', store: new MongoStore({ url: mongoUrl }, function () { console.log("db session connection open"); }) }));
And I added the token and username fields to my router, as shown below:
router.get('/verify', function(req, res) { req.session.username = username; req.session.token = req.query.token; }
Am I missing something? Any help would be greatly appreciated.