I am using Express 3.x and connect-mongo and the request module
My App has some middleware that ensures the external request has an access_token. The access_token is checked and a some data is stored in the session. I then want to make an internal call to a url within the application, but the internal call gets issued a new session (as its a separate request from the users browser request). What I want to do is somehow copy the Express signed cookies across into the internal request() so that the middleware performs actions based on the original external session id. I have tried passing a cookie jar into the request object but it doesnt seem to support signed cookies very well. Any ideas how I can do this?
/* Middleware to check access tokens */
app.all("/*", requireAuth, function(req, res, next) {
next();
});
function requireAuth(req,res,next) {
if ( req.query.access_token && !req.session ) {
// Check the access token and popualte stuff in the session
req.session.somedata = 'test';
// Then call a url internall to do something
// My issue is that this INTERNAL request below gets a new session Id
// so it itself returns Not Authorised as its hits the same code
request({
url: 'someurlinside-this-node-app',
method: "GET"
}, function _callback(err, serviceres, body) {
next();
});
}else{
res.send('Not Authorised');
}
}
Cookies are just another header so if you want to pass it along you should be able to do this:
var cookies = req.header('Set-Cookie');
request({
url: 'someurlinside-this-node-app',
method: "GET",
headers: { 'Set-Cookie' : cookies}
}