Question

I'm doing a webapp with express, passport and a mysql db.

Users are stored in a table in my database. When a user logs in, the app looks up the matching entry in the user table, and if one is found the user is authenticated. Everything works, but when the user closes the browser the session is destroyed and they have to log in again. I'd like users to stay logged in until they explicitly log out.

I tried the express-mysql-session plugin; it saves sessions in its own database table, but nothing more.

This is the relevant code (irrelevant details are omitted):

var passport = require("passport");
var LocalStrategy = require('passport-local').Strategy;
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var SessionStore = require('express-mysql-session');

// Session (de)serialization hooks. Both pass the user object through
// unchanged: the whole object is written into the session on login and handed
// back as req.user on later requests, with no database lookup in between.
// NOTE(review): the login query in this file filters on a `passwd` column, so
// the stored object presumably carries that column as well. Serializing only a
// user id and re-loading the record in deserializeUser would keep credentials
// out of the session store -- confirm against the model.
passport.serializeUser(function storeUserInSession(user, done) {
    done(null, user);
});

passport.deserializeUser(function loadUserFromSession(user, done) {
    done(null, user);
});

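// Verify callback for the 'local' strategy: looks the user up and reports the
// outcome through done(err, userOrFalse).
//
// NOTE(review): the submitted password is matched directly against the
// `passwd` column, which suggests passwords are stored in plaintext (unless
// hashing happens in omitted code). Prefer storing a salted password hash,
// fetching the row by `nick` only, and verifying the hash in application code.
passport.use(new LocalStrategy(function(username, password, done) {
    process.nextTick(function() {
        console.log('passport: veryfing user ...');
        // sequelizejs looks for user...
        tabUser.find({ where: { nick: username, passwd: password } })
            .success(function(myUser) {
                if (myUser) {
                    console.log('passport: user authenticated !!');
                    return done(null, myUser);
                }
                console.log('passport: auth failed !!');
                return done(null, false);
            })
            .error(function(err) {
                // Without this handler a failed query never calls done(), and
                // the login request is left hanging with no response.
                return done(err);
            });
    });
}));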

// Session middleware is registered first so that Passport can build on it.
// No `cookie` options are passed here, so express-session's defaults apply.
var sessionMiddleware = session({
    key: 'session_cookie_name',
    // NOTE(review): the secret signs the session cookie. This value looks like
    // a placeholder; a real deployment should load it from configuration or
    // the environment rather than keep it in source.
    secret: 'session_cookie_secret',
    store: new SessionStore(options)
});

app.use(sessionMiddleware);
app.use(passport.initialize());
app.use(passport.session());

// GET /login: serve the static login form.
app.get('/login', function showLoginForm(req, res) {
    var loginPage = 'views/login.html';
    res.sendfile(loginPage);
});

// POST /login: credentials are checked by the 'local' strategy, and the
// browser is redirected according to the outcome.
// NOTE(review): no limit on repeated login attempts is visible in this
// excerpt; confirm that throttling exists elsewhere.
var loginRedirects = {
    successRedirect: '/loginSuccess',
    failureRedirect: '/loginFailure'
};
app.post('/login', passport.authenticate('local', loginRedirects));

// GET /account: only reachable once ensureAuthenticated lets the request
// through.
// NOTE(review): req.user is whatever deserializeUser returned, which in this
// file is the full stored user object. Make sure the 'account' template does
// not output sensitive fields such as `passwd`.
app.get('/account', ensureAuthenticated, function showAccount(req, res) {
    var viewData = { user: req.user };
    res.render('account', viewData);
});

/**
 * Route guard: lets authenticated requests continue and sends everyone else
 * to the login page.
 *
 * @param {object} req - request; must expose isAuthenticated()
 * @param {object} res - response; redirect('/login') is called when the
 *     request is not authenticated
 * @param {Function} next - invoked (and its result returned) when the request
 *     is authenticated
 */
function ensureAuthenticated(req, res, next) {
    var loggedIn = req.isAuthenticated();
    if (!loggedIn) {
        // Not logged in: bounce to the login form and stop the chain here.
        res.redirect('/login');
        return;
    }
    return next();
}

Thanks


Solution

You can configure express-session to set a Max-Age on the session cookie.

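// Giving the session cookie a maxAge makes it persistent, so it is no longer
// dropped when the browser closes. With the question's setup the same `cookie`
// option goes into its `session({...})` call next to `key`, `secret` and
// `store`.
// A longer lifetime also lengthens the time a copied cookie stays usable:
// serve it over HTTPS with `cookie.secure` set, and destroy the session on
// logout.
app.use(express.session({
  cookie : {
    maxAge: 3600000 // milliseconds, i.e. one hour
  },
  store : new MongoStore(...)
}));
...
app.use(passport.session());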
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow