I've made my webapp using React.js and Express.js as a web-server. React is connected to Express with this (for now) in package.json:
"proxy": "http://localhost:5000/"
and in my Express server I've used this to handle sessions:
const cookieSession = require('cookie-session');
and this:
app.use(cookieSession({
name: 'parse-session',
secret: "SECRET_SIGNING_KEY",
maxAge: 15724800000
}));
so when I use login to my API it works ok and this is the code to check if currentUser exist:
return new Promise((resolve,reject)=>{
if(req.session.token){
console.log(req.session.token);
request({
uri:'http://myserver.herokuapp.com/parse/users/me',
headers: {
'X-Parse-Application-Id': 'my-app-id',
'X-Parse-Session-Token': req.session.token
},
json:true
}).then((userData) => {
if(userData){
resolve(userData);
}
}).catch((error) => {
reject(error);
});
}
and it works without problem, with this call in React:
fetch('/user',{credentials:'include'})
.then((response)=>{
return response.json();
})
.then((body)=>{
if(body.user){
this.setState({logIn:true});
}
}).catch((error)=>{
console.log('My error:',error);
});
The problem is when I try to logout: I do this on React:
axios.post('/logout').then((res)=>{
console.log(res);
}).catch((err)=>{
console.log(err);
});
and this is logout on Express:
app.post('/logout',(req,res)=>{
if(req.session){
req.session.destroy((error)=>{
if(error){
console.log(error);
}
});
}
});
that gives to me this error message:
TypeError: req.session.destroy is not a function
why? I've seen that destroy() is a function. I've also tried to put :req.session = null
but, when you call after the promise to check if session exist it currently alive.
Why? How could I use to solve it?
Thanks
session. destroy // Deletes the session in the database.
Here, since sess is global, the session won't work for multiple users as the server will create the same session for all the users. This can be solved by using what is called a session store. We have to store every session in the store so that each one will belong to only a single user.
saveUninitialized : When an empty session object is created and no properties are set, it is the uninitialized state. So, setting saveUninitialized to false will not save the session if it is not modified. The default value of both resave and saveUninitialized is true, but using the default is deprecated.
js session. Express - a web framework for Node. js used to create HTTP web servers. Express provides an easy-to-use API to interact with the webserver. Express-session - an HTTP server-side framework used to create and manage a session middleware.
req.session.destroy
is the call to use if you are using express-session
npm module. However, you are using cookie-session
which in its current version does not define req.session.destroy
resulting in the error that you are getting.
To destroy the session while using cookie-session
, you just need to set it to null: req.session = null
. If you decide to use express-session
instead, then req.session.destroy
would work.
References:
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With