In node.js my auth library (lockit) is not setting session after logging in successfully. (Disclaimer: I am not condoning the use of lockit, I think it is positively terrible in every way.)
I read lockit source code and found this code:
// create session and save the name and email address
req.session.name = user.name;
req.session.email = user.email;
Here is my express config:
app.use(bodyParser.urlencoded({extended: true}));
app.use(bodyParser.json());
app.use(cookieParser());
app.use(cookieSession({
  secret: 'this is my super secret string'
}));
app.use(lockit.router);
After I log in with a user, I send another request with the same browser, and the cookie is the same one that gets set by the login request...
After a successful login, here are the Set-Cookie headers I get:
Set-Cookie express:sess=eyJmYWlsZWRMb2dpbkF0dGVtcHRzIjowLCJuYW1lIjoianVzdGluIiwiZW1haWwiOiJqdXN0aW5Ad2ViaW52ZXJ0ZXJzLmNvbSIsImxvZ2dlZEluIjp0cnVlfQ==; path=/; httponly
Set-Cookie express:sess.sig=FMcv9fswWmWG6A7hpOEnEysbqd4; path=/; httponly
Then my request after the login contains these cookies:
express:sess eyJmYWlsZWRMb2dpbkF0dGVtcHRzIjowLCJuYW1lIjoianVzdGluIiwiZW1haWwiOiJqdXN0aW5Ad2ViaW52ZXJ0ZXJzLmNvbSIsImxvZ2dlZEluIjp0cnVlfQ==
express:sess.sig FMcv9fswWmWG6A7hpOEnEysbqd4
But even though the cookie is there, I'm getting: req.session === undefined
I've never used these technologies before, so it could be something really stupid that I am doing...
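An added illustration, not part of the original question or of Lockit's own code: the express:sess value above is base64-encoded JSON, so decoding it shows what the login actually wrote into the session, and that the data is signed but readable by the client. The signing scheme (HMAC-SHA1 over name=value, URL-safe base64, as in the keygrip module) is an assumption consistent with the 27-character express:sess.sig value, and DEMO_SECRET is a constructed value.

```javascript
const crypto = require('crypto');

// Cookie value copied from the Set-Cookie header in the question.
const SESSION_COOKIE =
  'eyJmYWlsZWRMb2dpbkF0dGVtcHRzIjowLCJuYW1lIjoianVzdGluIiwiZW1haWwiOiJqdXN0aW5Ad2ViaW52ZXJ0ZXJzLmNvbSIsImxvZ2dlZEluIjp0cnVlfQ==';
const COOKIE_NAME = 'express:sess';
const DEMO_SECRET = 'constructed-demo-secret'; // constructed, not the app's secret

// The whole session lives in the cookie as base64-encoded JSON (not encrypted).
function decodeSession(value) {
  return JSON.parse(Buffer.from(value, 'base64').toString('utf8'));
}

// Assumed keygrip-style signature: HMAC-SHA1 over "name=value",
// base64 made URL-safe with the padding stripped.
function sign(name, value, secret) {
  return crypto.createHmac('sha1', secret)
    .update(name + '=' + value)
    .digest('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Constant-time comparison of the presented signature with the expected one.
function verify(name, value, sig, secret) {
  const expected = Buffer.from(sign(name, value, secret));
  const given = Buffer.from(String(sig));
  return expected.length === given.length &&
    crypto.timingSafeEqual(expected, given);
}

// Re-encode the session with edited fields, as a client could do locally.
// Without the server secret the old signature no longer matches.
function tamper(value, changes) {
  const edited = Object.assign(decodeSession(value), changes);
  return Buffer.from(JSON.stringify(edited)).toString('base64');
}

const session = decodeSession(SESSION_COOKIE);
console.log(session); // the fields the login handler stored

const sig = sign(COOKIE_NAME, SESSION_COOKIE, DEMO_SECRET);
const forged = tamper(SESSION_COOKIE, { name: 'someone-else' });
console.log('original verifies:', verify(COOKIE_NAME, SESSION_COOKIE, sig, DEMO_SECRET));
console.log('edited verifies:  ', verify(COOKIE_NAME, forged, sig, DEMO_SECRET));
```

Because the payload is only signed, anything stored in req.session with cookie-session should be treated as visible to the user.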
I'm the author of Lockit and I'm sure we will find a solution to your problem. Did you go through all the required steps to install Lockit? Here is what I just did and it works fine.
Create a new Express app (Express 4.2.0 in my case).
express
Install Express dependencies.
npm install
Install Lockit and Sessions.
npm install lockit cookie-session --save
Install CouchDB adapter.
npm install lockit-couchdb-adapter --save
Create a config.js with the URL of your CouchDB.
// settings for local CouchDB
exports.db = 'http://127.0.0.1:5984/';
Initiate Lockit with your config.
// in your header
var cookieSession = require('cookie-session');
var Lockit = require('lockit');
var config = require('./config.js');
var lockit = new Lockit(config);
// after all your other middleware
app.use(cookieSession({
  secret: 'my super secret String'
}));
app.use(lockit.router);
Start your app.
DEBUG=tmp ./bin/www
You can now navigate to http://localhost:3000/signup and create a new user. If you haven't set up any email server you have to look in your database (in my case at http://127.0.0.1:5984/_utils/database.html?_users) for your signup token. Then go to http://localhost:3000/signup/:token to activate your new user.
Great, you can now use your username (or email) and password to log in. To access the currently logged in user in your own routes use req.session.
// default routes from Express
app.use('/', routes);
app.use('/users', users);
// your own custom route
app.get('/awesome', function(req, res) {
  console.log(req.session.name);
  console.log(req.session.email);
  res.send('awesome');
});
I hope I could help you. If you've got any other problems just let me know.
http://localhost:3000/signup/:token doesn't work; it must be http://localhost:3000/signup/token (without the colon).