Passport Sessions not getting destroyed on browser close

StackOverflow https://stackoverflow.com/questions/22680707

Pregunta

I have a Node.js server and I am using passport for session management. Planning on using it to implement remember me functionality for the server soon. But I have a problem where the normal sessions are basically acting as a remember me. Aka the session cookie connect.sid is not getting destroyed on browser close which I believe is not the correct behavior. I am using connect-bluesky as the session store (uses azure tables) and couchbase for storing default session information for future use.

Relevant code:

Server.js

app.configure(function()
{
    app.use(express.logger('dev')); // log every request to the console
    
    // set up our express application
    app.use(express.cookieParser());
    app.use(express.json())
    .use(express.urlencoded());

    app.use(express.static(__dirname));

    var db = new couchbase.Connection({host: 'http://localhost:8091', bucket: 'default'}, function (err){
        
        console.log("In cb connect");
        console.log(err);

    });

    app.use(express.session({secret: 'SECRET', 
        store: new BlueskyStore({
          account: 'ACCOUNT',
          key: 'KEY',
          table: 'sessionsTable',
          cookie: { path: '/', httpOnly: true, maxAge: null }
        })
    }));

    app.engine('html', engines.ejs);
    //app.set('views', __dirname+'/views');
    app.set('view engine', 'html');

    var data = fs.readFileSync( __dirname+"/"+process.argv['2'],'utf8');
    GLOBAL.infoJSON = JSON.parse(data);
    
    require('./config/passport')(passport, infoJSON);
    app.use(passport.initialize());
    app.use(passport.session()); // persistent login sessions
    app.use(flash()); // use connect-flash for flash messages stored in session

    app.use(app.router);

});

Routes.js

function isLoggedIn(req, res, next) {

    
    if (req.isAuthenticated())
        return next();

    res.redirect('/');
}

app.post('/login2', passport.authenticate('local-login'),
  function(req, res) 
  {
    var input = "irrelevant input string";

    var loginInfo = {
        input : input,
        userName : req.user.id,
        repoId : req.user.repoId
    }

    edgeMod.loginWF(loginInfo, req, res, function (req, res, result)
    {
        res.write(result);
        res.end();
    });
});

app.get('/logout', function(req, res)
{
  req.logout();
  res.redirect('/');
});

passport.js

    passport.serializeUser(function(user, done) {

        db.set(user.id, user, function(err, result) {
            done(null, JSON.stringify(user));
        });
        
    });

    passport.deserializeUser(function(json, done) 
    {      
        var user = JSON.parse(json);        
        db.get(user.id, function(err, result) 
        {
            if (result)
            {
                
                done(null, result.value);
            }
            else
            {
                done(new Error("Bad JSON string in session"), null);
            }
        });
       
    });

  passport.use('local-login', new LocalStrategy({
        
        usernameField : 'email',
        passwordField : 'password',
        passReqToCallback : true 
    },
    function(req, email, password, done) 
    { 
        ---login checks---
        return done(null, serializeJson);
            
        });

    }));

How do I ensure sessions get destroyed on browser close? Any tips for doing this as its my 1st time doing something like this?

EDIT: It seems to be clearing the session on browser close in Firefox but not in chrome. Could this have something to do with chrome remembering pages on close?

¿Fue útil?

Solución

Having "Continue where you left off" ticked in chrome options seems to be the problem. Doesn't clear the session on browser close with this ticked.

Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
scroll top