Shared Sessions between Node Apps?

Question

I currently have two separate node apps running on two different ports but share the same backend data store. I need to share users sessions between the two apps so that wh

Answer 1

Maybe a bit outdated, but at this time, Express-session can recognise domain option for cookie. According to source:

function session(options){
  var options = options || {}
  //  name - previously "options.key"
    , name = options.name || options.key || 'connect.sid'
    , store = options.store || new MemoryStore
    , cookie = options.cookie || {}
      ...

And this is for setting cookie:

var Cookie = module.exports = function Cookie(options) {
  this.path = '/';
  this.maxAge = null;
  this.httpOnly = true;
  if (options) merge(this, options);
  ...

So, something like this will work for current 1.10.1 master:

secret: "my secret",
    cookie: {
        domain: "mydomain.com",

Answer 2

Express-session does not seem to recognize the "domain" option for cookies hence your problem. The cookie storing the session id is automatically tied to the domain for each app and so it cannot be shared.

One option is to write your own single-sign-on module to share sessions across webapps. It would probably live in an app.use() declaration fairly early in the execution order and would simply create a separate cookie (which would be cross-domain), create a separate SSO session id, and store the SSO id in this new cookie. Afterwards, you simply cross-populate req.session and req.sso-session as needed.