NodeJS express-session req.session is undefined

Question

I am working on a simple login system, but it seems like the session is not saved

i have made a simple code for testing, can anyone tell me what is wrong with it ? i am

Answer 1

It is because of the option cookie.secure = true

quote

Please note that secure: true is a recommended option. However, it requires an https-enabled website, i.e., HTTPS is necessary for secure cookies.

see https://github.com/expressjs/session#cookie-options

You must set it to false, to allow session cookies on non-https host, or use an https host.

test code

var port = process.env.PORT || 8080;
var express = require('express');
var app = express();


var cookieParser = require('cookie-parser');
var session = require('express-session');



app.use(cookieParser());
app.use(session({
    secret: "fd34s@!@dfa453f3DF#$D&W",
    resave: false,
    saveUninitialized: true,
    cookie: { secure: !true }
}));



 app.get('/test_login', function(req, res){

    req.session.users_schema = 1;
    req.session.user_doc = 2;

    res.json({"first": req.session.users_schema, "second": req.session.user_doc});
});
app.get('/test_is_loggin', function(req, res){

  if( !req.session.users_schema || !req.session.user_doc ) {

      console.log("no");
      res.json({"first": 1, "second": 1});
  }
  else {

      console.log("OK");
      res.json({"first": req.session.users_schema, "second": req.session.user_doc});
  }

});


app.listen(port);
console.log('Listening on port ' + port);

output

[mh-cbon@pc15 test] $ node express-session.js 
Listening on port 8080
OK

Answer 2

i am not sure but it might be related to the way i am sending the data ?

<script>

var date = new Date("05/05/2016");


$.ajax({

    type : "POST",
    url : '//localhost:8080/test_login',  
    data : {

    },
    success : function(data) {

        console.log(data);
    },
    error : function(req, errortype) {
        console.log("ERROR");
    }

});

</script>

==========================================

SOLVED!!!

it was related to the way i am sending my data, i changed it to the following :

CLIENT:

$.ajax({

    type : "POST",
    xhrFields: {withCredentials: true},  // ADDED THIS LINE
    url : '//localhost:8080/test_login',
    data : {

    },
    success : function(data) {

        console.log(data);
    },
    error : function(req, errortype) {
        console.log("ERROR");
    }

});

SERVER:

app.use(function(req, res, next) {

    res.header('Access-Control-Allow-Credentials', true);
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
    res.header("Access-Control-Allow-Origin", "http://localhost");
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    next();
});

Thank You So Much @mh-cbon

Answer 3

All about changing the sequence of Session config and routes config in

Server.js

file

Before: Error

require("./startup/cors")(app);
require("./startup/passport/passport-setup")();
require("./startup/logging")();
require("./startup/validation")();
//require("./startup/db")();
require("./startup/prod")(app);
require("./routes/index")(app);

app.use(
  session({
    secret: 'keyboard cat',//process.env.SESSION_KEY,// Used to compute a hash
    resave: false,
    saveUninitialized: false,
    store: new MongoStore({ mongooseConnection: mongoose.connection }),// Store session on DB
  })
);

After: Correct

app.use(
  session({
    secret: 'keyboard cat',//process.env.SESSION_KEY,// Used to compute a hash
    resave: false,
    saveUninitialized: false,
    store: new MongoStore({ mongooseConnection: mongoose.connection }),// Store session on DB
  })
);

require("./startup/cors")(app);
require("./startup/passport/passport-setup")();
require("./startup/logging")();
require("./startup/validation")();
//require("./startup/db")();
require("./startup/prod")(app);
require("./routes/index")(app);