问题
I want to use cookie session store with Passport because memory store is not designed for production:
Warning: connection.session() MemoryStore is not
designed for a production environment, as it will leak
memory, and will not scale past a single process.
Here's my Express initialization:
app.use(express.bodyParser({keepExtensions:true}));
app.use(express.cookieParser(cookieSecret));
app.use(express.cookieSession({
key: cookieKey,
secret: cookieSecret,
maxAge: sessionTimeout
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(express.methodOverride());
app.use(express.static(__dirname + '/public'));
Everything works normally if I change express.cookieSession to express.session. When using cookieSession user login succeeds but the user is not logged in anymore after next page load occurs. Any tips how to make passport work with cookie sessions?
I'm using Express 3.0.0
回答1:
The initialization of cookieSession isn't correct. Try this:
app.use(express.cookieSession({
key : cookieKey,
secret : cookieSecret,
cookie : {
maxAge: sessionTimeout
}
}));
Also, make sure that sessionTimeout is in milliseconds.
回答2:
I know this is old, but I had the same issue. Turns out you don't need to (in fact you can't) set the secret option in both cookieParser and cookieSession.
See my answer on my own post: https://stackoverflow.com/a/30109922/3500059
来源:https://stackoverflow.com/questions/19011531/using-cookiesession-with-passport