My web application production deployment is on 2 servers behind a load-balancer.
I'm using passport (local strategy) with session for authentication.
When the application runs on one server everything works fine, but in production one server doesn't recognize the cookie/session established by the other server (Each request gets randomally sent to a different server, I can't control it).
As a result - i'm redirected to the login page when attempting to access pages that require authentication (even after i login).
How can i get the two servers to create a session cookie that they both recognize (obviously i used the same secret for the express session middleware).
Thanks,
Alon
Option 1
Configure the load-balancer to always route the same ip to the same machine. Might be problematic for users who change network.
Option two
Use a third machine running the database and set up express.session (and any other database connections for that matter) to use that machine as store. This question/answer mentions how to do it with mongoose/mongodb.
I think this is the more common solution but is of course more expensive if you don't need a third machine.