I've read this topic Node.js + express.js + passport.js : stay authenticated between server restart and I need exactly the same thing, but for Redis. I used such code:
var RedisStore = require('connect-redis')(express);
app.use(express.session({
secret: "my secret",
store: new RedisStore,
cookie: { secure: true, maxAge:86400000 }
}));
And it doesn't work. To connect Redis I use connect-redis module. What I'm doing wrong? Thanks!
UPD: I don't get any errors. To ensure auth processes succesfully, I added log-line, and it executes.
function(email, password, done) {
// asynchronous verification, for effect...
process.nextTick(function() {
findByEmail(email, function(err, user) {
if (!user) {
return done(null, false, {
message: 'Unknown user ' + email
});
}
if (user.password != password) {
return done(null, false, {
message: 'Invalid password'
});
}
//just logging that eveything seems fine
console.log("STATUS: User " + email + " authentificated succesfully");
return done(null, user);
})
});
}));
Log with express.logger() enabled was:
127.0.0.1 - - [Fri, 19 Oct 2012 05:49:09 GMT] "GET /ico/favicon.ico HTTP/1.1" 404 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4"
STATUS: User admin authentificated succesfully
I do suppose that there is nothing wrong with auth/users/credentials/serializing/deserializing itself. The problem is just passport cannot set cookie to Redis and the read it.
Redis is perfect for storing sessions. All operations are performed in memory, and so reads and writes will be fast. If you cannot afford losing any sessions, set appendfsync always in your configuration file. With this, Redis guarantees that any write operations are saved to the disk.
Session data is stored server-side. The default server-side session storage is MemoryStore."
Here, since sess is global, the session won't work for multiple users as the server will create the same session for all the users. This can be solved by using what is called a session store. We have to store every session in the store so that each one will belong to only a single user.
Passport uses serializeUser function to persist user data (after successful authentication) into session. The function deserializeUser is used to retrieve user data from session and perform some condition-based operations.
I should use
cookie: { secure: false, maxAge:86400000 }
try this out, instead of passing express to const RedisStore
pass session.
const redis = require('redis');
const session = require('express-session');
const redisStore = require('connect-redis')(session);
const cookieParser = require('cookie-parser');
const app = require('../app');
app.app.use(cookieParser("secret"));
const rediscli = redis.createClient();
app.app.use(session({
secret: 'secret',
store: new redisStore({
host: '127.0.0.1',
port: 6379,
client: rediscli,
ttl: 260
}),
saveUninitialized: false,
resave: false
}));
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With