https://stackoverflow.com/questions/22680707
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianHaving "Continue where you left off" ticked in chrome options seems to be the problem. Doesn't clear the session on browser close with this ticked.
Passport Sessions not getting destroyed on browser close
-
22-06-2023 - |
Question
I have a Node.js server and I am using passport for session management. Planning on using it to implement remember me functionality for the server soon. But I have a problem where the normal sessions are basically acting as a remember me. Aka the session cookie connect.sid is not getting destroyed on browser close which I believe is not the correct behavior. I am using connect-bluesky as the session store (uses azure tables) and couchbase for storing default session information for future use.
Relevant code:
Server.js
app.configure(function()
{
app.use(express.logger('dev')); // log every request to the console
// set up our express application
app.use(express.cookieParser());
app.use(express.json())
.use(express.urlencoded());
app.use(express.static(__dirname));
var db = new couchbase.Connection({host: 'http://localhost:8091', bucket: 'default'}, function (err){
console.log("In cb connect");
console.log(err);
});
app.use(express.session({secret: 'SECRET',
store: new BlueskyStore({
account: 'ACCOUNT',
key: 'KEY',
table: 'sessionsTable',
cookie: { path: '/', httpOnly: true, maxAge: null }
})
}));
app.engine('html', engines.ejs);
//app.set('views', __dirname+'/views');
app.set('view engine', 'html');
var data = fs.readFileSync( __dirname+"/"+process.argv['2'],'utf8');
GLOBAL.infoJSON = JSON.parse(data);
require('./config/passport')(passport, infoJSON);
app.use(passport.initialize());
app.use(passport.session()); // persistent login sessions
app.use(flash()); // use connect-flash for flash messages stored in session
app.use(app.router);
});
Routes.js
function isLoggedIn(req, res, next) {
if (req.isAuthenticated())
return next();
res.redirect('/');
}
app.post('/login2', passport.authenticate('local-login'),
function(req, res)
{
var input = "irrelevant input string";
var loginInfo = {
input : input,
userName : req.user.id,
repoId : req.user.repoId
}
edgeMod.loginWF(loginInfo, req, res, function (req, res, result)
{
res.write(result);
res.end();
});
});
app.get('/logout', function(req, res)
{
req.logout();
res.redirect('/');
});
passport.js
passport.serializeUser(function(user, done) {
db.set(user.id, user, function(err, result) {
done(null, JSON.stringify(user));
});
});
passport.deserializeUser(function(json, done)
{
var user = JSON.parse(json);
db.get(user.id, function(err, result)
{
if (result)
{
done(null, result.value);
}
else
{
done(new Error("Bad JSON string in session"), null);
}
});
});
passport.use('local-login', new LocalStrategy({
usernameField : 'email',
passwordField : 'password',
passReqToCallback : true
},
function(req, email, password, done)
{
---login checks---
return done(null, serializeJson);
});
}));
How do I ensure sessions get destroyed on browser close? Any tips for doing this as its my 1st time doing something like this?
EDIT: It seems to be clearing the session on browser close in Firefox but not in chrome. Could this have something to do with chrome remembering pages on close?
La solution
Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
