I'm continuing to struggle with how to create a fake client that mimics a browser accessing routes on a Node.js server. Things work perfectly with an actual browser, but (for testing purposes) I would like to create a socket.io-client that programmatically mimics a user connecting via a browser. This great answer to my first question () has allowed me to get 99% of the way there; the only remaining obstacle is that sessions do not persist between route accesses. Here is the smallest example I could create: the fake client accesses a route "first", which sets a session variable, then accesses route "second", which tests whether that variable is set in the session (it is not). My question is: What do I need to modify to make the server return "server says user is Paul in second route"? Any advice on how to find the session cookie stored in the socket.io-client would also be greatly appreciated.

// *********************
// *** Set up server ***
// *********************

const express = require('express');
const xsession = require('express-session');
const app = express();

const sessionMiddleware = xsession({
    secret: 'jvlNKyuFLBXY',
    resave: false,
    saveUninitialized: true,
    cookie: {
        maxAge: 600000,
        secure: false,
        httpOnly: true,
        sameSite: 'strict'
    }
});
app.use(sessionMiddleware);

const http = require('http');
const mywebserver = http.createServer(app).listen(3099, () => {
    console.log("listening on port 3099");
});

const server = require("socket.io").Server;
const io = new server(mywebserver);

// The first route sets session variable "user" to what was provided in query username
app.get('/first', (req,res) => {
    res.writeHead(200, {"Content-Type" : "text/plain"});
    req.session.user = req.query.username;
    res.write('server says that it set user to ' + req.session.user + " in first route");
    res.end();
});

// The second route tests whether session variable "user" is set
// The problem I'm trying to solve hinges on the fact that the response
// is "~~> server says user is undefined in second route"
app.get('/second', (req,res) => {
    res.writeHead(200, {"Content-Type" : "text/plain"});
    res.write('server says user is ' + req.session.username + " in second route");
    res.end();
});

// *********************
// *** Set up client ***
// *********************

let base_url = 'http://localhost:3099';
const ioclient = require("socket.io-client").io;
const axios_api = require("axios");

// Create client socket
const clisock = ioclient(base_url, { 
    autoConnect: true, 
    withCredentials: true
});
    
clisock.on("connect", () => {
    console.log("client connected");
    
    // Server sets session variable "user" in first route
    console.log("client accessing first route...");
    axios_api.get(base_url + "/first?username=Paul", { withCredentials: true })
    .then(response_first => {
        console.log("response received by client from server (first route):");
        console.log("~~> " + response_first.data);

        // Test whether session variable "user" is still set by accessing second route
        console.log("client accessing second route...");
        axios_api.get(base_url + "/second", { withCredentials: true })
        .then(response_second => {
            console.log("response received by client from server (second route):");
            console.log("~~> " + response_second.data);
        })
        .catch(error_second => {
            console.error(error_second);
        });

    })
    .catch(error_first => {
        console.error(error_first);
    });
});