Node.js + express.js + passport.js : stay authenticated between server restart

Question

I use passport.js to handle auth on my nodejs + express.js application. I setup a LocalStrategy to take users from mongodb

My problems is that users have to

Answer 1

This is because you use MemoryStore (default) for sessions. Look at this code from memory.js (part of Connect framework):

var MemoryStore = module.exports = function MemoryStore() {
  this.sessions = {};
};

and this snippet from session.js (Express)

function session(options){
    /* some code */
    , store = options.store || new MemoryStore
    /* some code */
}

Now you should understand that every server restart resets the MemoryStore. In order to keep the data you have to use some other session store. You can even write your own (shouldn't be too difficult), although Redis (see this library) might be a good choice (and it is well supported by Express).

// EDIT

According to the Connect documentation it is enough for you if you implement get, set and destroy methods. The following code should work:

customStore = {
    get : function(sid, callback) {
        // custom code, for example calling MongoDb
    },
    set : function(sid, session, callback) {
        // custom code
    },
    destroy : function(sid, callback) {
        // custom code
    }
}    

app.use(express.session({
    store: customStore
}));

You just need to implement calling MongoDb (or any other Db although I still recommend using nonpermament one like Redis) for storing session data. Also read the source code of other implementations to grab the idea.