I am working on a simple login system, but it seems like the session is not saved
i have made a simple code for testing, can anyone tell me what is wrong with it ? i am
It is because of the option cookie.secure = true
quote
Please note that secure: true is a recommended option. However, it requires an https-enabled website, i.e., HTTPS is necessary for secure cookies.
see https://github.com/expressjs/session#cookie-options
You must set it to false, to allow session cookies on non-https host, or use an https host.
test code
var port = process.env.PORT || 8080;
var express = require('express');
var app = express();
var cookieParser = require('cookie-parser');
var session = require('express-session');
app.use(cookieParser());
app.use(session({
secret: "fd34s@!@dfa453f3DF#$D&W",
resave: false,
saveUninitialized: true,
cookie: { secure: !true }
}));
app.get('/test_login', function(req, res){
req.session.users_schema = 1;
req.session.user_doc = 2;
res.json({"first": req.session.users_schema, "second": req.session.user_doc});
});
app.get('/test_is_loggin', function(req, res){
if( !req.session.users_schema || !req.session.user_doc ) {
console.log("no");
res.json({"first": 1, "second": 1});
}
else {
console.log("OK");
res.json({"first": req.session.users_schema, "second": req.session.user_doc});
}
});
app.listen(port);
console.log('Listening on port ' + port);
output
[mh-cbon@pc15 test] $ node express-session.js
Listening on port 8080
OK
i am not sure but it might be related to the way i am sending the data ?
<script>
var date = new Date("05/05/2016");
$.ajax({
type : "POST",
url : '//localhost:8080/test_login',
data : {
},
success : function(data) {
console.log(data);
},
error : function(req, errortype) {
console.log("ERROR");
}
});
</script>
==========================================
SOLVED!!!
it was related to the way i am sending my data, i changed it to the following :
CLIENT:
$.ajax({
type : "POST",
xhrFields: {withCredentials: true}, // ADDED THIS LINE
url : '//localhost:8080/test_login',
data : {
},
success : function(data) {
console.log(data);
},
error : function(req, errortype) {
console.log("ERROR");
}
});
SERVER:
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Credentials', true);
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header("Access-Control-Allow-Origin", "http://localhost");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
Thank You So Much @mh-cbon
All about changing the sequence of Session config and routes config in
Server.js
file
Before: Error
require("./startup/cors")(app);
require("./startup/passport/passport-setup")();
require("./startup/logging")();
require("./startup/validation")();
//require("./startup/db")();
require("./startup/prod")(app);
require("./routes/index")(app);
app.use(
session({
secret: 'keyboard cat',//process.env.SESSION_KEY,// Used to compute a hash
resave: false,
saveUninitialized: false,
store: new MongoStore({ mongooseConnection: mongoose.connection }),// Store session on DB
})
);
After: Correct
app.use(
session({
secret: 'keyboard cat',//process.env.SESSION_KEY,// Used to compute a hash
resave: false,
saveUninitialized: false,
store: new MongoStore({ mongooseConnection: mongoose.connection }),// Store session on DB
})
);
require("./startup/cors")(app);
require("./startup/passport/passport-setup")();
require("./startup/logging")();
require("./startup/validation")();
//require("./startup/db")();
require("./startup/prod")(app);
require("./routes/index")(app);