So I've set the session according to the documentation for express-session, as far as I can tell. But my cookie is not getting created! According to the documentation, all you have to do is set the request.session value and the cookie should automatically be set. I'm not sure what voodoo enables this, but the magic seems to be broken. Just to be sure I verified against the example given here. Am I wrong? Are these missing some key info?
//login route handler
app.post('/users/login/', function (req, res) {
//... get the row from DB, check the pass then set session
this.bcryptpare(password, row.hashed, function(err, passwordsMatch) {
if( passwordsMatch === true)
{
//set the session variable 'user'
req.session.user = row;
res.send(row);
}
});
So I wonder am I doing something wrong, or is there a bug with the latest? I can check my database and I do see correct session variables on the rows in my session table!
//Here's my "configuration" of express-session.
app.use(function (req, res, next) {
res.header('Access-Control-Allow-Credentials', 'true');
next();
});
var storeOptions = {
//my database options (this works, it makes rows in db table)
};
var sessionStore = new SessionStore( storeOptions );
app.use(session({
name:'yay_session',
secret: 'some secret this is now',
resave: true,
saveUninitialized: false,
cookie: { maxAge: 600000,httpOnly: false, domain:'localhost' },
store: sessionStore
}));
Why is my client-side cookie not getting set? It does not show up in resources debug panel. So I'm wondering if there's a bug with the latest 4.13.3 version working in tandem with express-session 1.11.3. This is latest as of Aug 27.
So I've set the session according to the documentation for express-session, as far as I can tell. But my cookie is not getting created! According to the documentation, all you have to do is set the request.session value and the cookie should automatically be set. I'm not sure what voodoo enables this, but the magic seems to be broken. Just to be sure I verified against the example given here. Am I wrong? Are these missing some key info?
//login route handler
app.post('/users/login/', function (req, res) {
//... get the row from DB, check the pass then set session
this.bcrypt.pare(password, row.hashed, function(err, passwordsMatch) {
if( passwordsMatch === true)
{
//set the session variable 'user'
req.session.user = row;
res.send(row);
}
});
So I wonder am I doing something wrong, or is there a bug with the latest? I can check my database and I do see correct session variables on the rows in my session table!
//Here's my "configuration" of express-session.
app.use(function (req, res, next) {
res.header('Access-Control-Allow-Credentials', 'true');
next();
});
var storeOptions = {
//my database options (this works, it makes rows in db table)
};
var sessionStore = new SessionStore( storeOptions );
app.use(session({
name:'yay_session',
secret: 'some secret this is now',
resave: true,
saveUninitialized: false,
cookie: { maxAge: 600000,httpOnly: false, domain:'localhost' },
store: sessionStore
}));
Why is my client-side cookie not getting set? It does not show up in resources debug panel. So I'm wondering if there's a bug with the latest 4.13.3 version working in tandem with express-session 1.11.3. This is latest as of Aug 27.
Share Improve this question asked Aug 28, 2015 at 6:27 FlavorScapeFlavorScape 14.4k13 gold badges79 silver badges123 bronze badges2 Answers
Reset to default 1Use the below code for session to work normally in EXPRESS JS V 4: -
var express = require('express');
var session = require("express-session");
var cookieParser = require('cookie-parser');
var app = express();
app.use(cookieParser());
var MemoryStore =session.MemoryStore;
app.use(session({
name : 'app.sid',
secret: "1234567890QWERTY",
resave: true,
store: new MemoryStore(),
saveUninitialized: true
}));
The session must be saved.
req.session.save(function(err) {
// session saved
})
More details on the express-session page.