发表新帖
发表新帖

Node.js Express Passport Cookie Expiration

前端 未结
关注
2 1302
佛祖请我去吃肉
佛祖请我去吃肉 2020-12-14 02:59

I am using Passport for authentication in my app, and I am also using Express. To summarize my issue: my login functionality works fine initially, but after any<

2条回答
  • 北海茫月
    北海茫月 (楼主)
    2020-12-14 03:44

    I figured it out, although I don't love the answer.

    tl;dr; - use maxAge instead of expires.

    The issue was rooted in the expiration date set on each cookie (which is automatically set by Express). I noticed that every cookie that was set had the same expiration date, which eventually ended up being in the past and hence instantly expiring.

    The cause of that was here:

    cookie: { expires : new Date(Date.now() + 3600000) }

    The new Date was being created only once, upon server start. That was causing the expiration date to be the same every time. Based on code in the original post, I can't figure out why it doesn't work and yet every example I've found online uses the exact same code. I verified this by defining a function that created this Date, and checking that it only got called upon server start.

    To fix this issue, I am defining maxAge instead of "expires". maxAge takes a number of milliseconds, rather than a date, and it appears to be setting the expiration date on all cookies correctly.

    I would love to hear if anyone can explain why this is happening in the first place, since others seem to use it successfully. Any thoughts?

    See my working code below

    app.configure(function(){
    app.set('port', process.env.PORT || 3000);
    app.set('views', __dirname + '/views');
    app.engine('html', consolidate.swig);
    app.set('view engine', 'html');
    swig.init({
        root: '.',
        allowErrors: true, // allows errors to be thrown and caught by express instead of suppressed
        autoescape: false});

    app.use(express.logger('dev'));

    app.use(express.bodyParser());
    app.use(express.methodOverride());
    app.use(express.cookieParser("[mysecrethere]"));
    app.use(express.session({   store: sessionStore,
                            cookie: { maxAge : 3600000 } //1 Hour
                            }));
    app.use(passport.initialize());
    app.use(passport.session());
    app.use(flash());
    app.use(expressValidator);

    app.use(express.static(path.join(__dirname, 'public')));

    //Dynamic helpers
    app.use(require('./helpers/DynamicHelpers'));

    app.use(app.router);
});

    0 讨论(0)
 看不清?
提交回复
热议问题