Update logged in user details in session

Question

I am using PassportJS with ExpressJS.

I need to update the logged in user details. While I do update this in the DB, how do I update it in the session too so that re

Answer 1

I had similar problem today and decided to share my findings, since i couldn't find similar answer.

The problem was that (copied from passport documentation) i was getting the user data directly from the token, that the user sent in the request. Which was of course outdated.

passport.use(new JWTStrategy({
    jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
    secretOrKey   : CONFIG.JWT_SECRET
  },
  function (jwtPayload, cb) {
    return cb(null, jwtPayload);
  }
));

while i should get the fresh user object from the database instead:

return User.findById(jwtPayload.id)
  .then(user => {
    return cb(null, user);
  })
  .catch(err => {
    return cb(err);
  });