Socket.io, Passport, MongoDB & passport.socketio broken in production

Question

I built a nodejs application relaying on socket.io, using Passport & passport.socketio for authentication and authorization, and mongodb with connect-mongo for session store.

It works well on my laptop, but when I moved to the Cloud (Azure-VM) I started getting strange errors.

05-02-2014, 11:47:06.500 Listening on port 8081 (https)

/home/azureuser/myapp/node_modules/mongodb/lib/mongodb/connection/base.js:242
    throw message;      
          ^
Error: Error in session store:
Error: failed to deserialize user out of session
    at Object.io.set.passportSocketIo.authorize.fail     (/home/azureuser/myapp/lib/express/socketio.js:25:23)
    at /home/azureuser/myapp/node_modules/passport.socketio/lib/index.js:48:21
    at /home/azureuser/myapp/node_modules/connect-mongo/lib/connect-mongo.js:229:23
    at /home/azureuser/myapp/node_modules/mongodb/lib/mongodb/collection/query.js:147:5
    at Cursor.nextObject (/home/azureuser/myapp/node_modules/mongodb/lib/mongodb/cursor.js:733:5)
    at commandHandler (/home/azureuser/myapp/node_modules/mongodb/lib/mongodb/cursor.js:713:14)
    at /home/azureuser/myapp/node_modules/mongodb/lib/mongodb/db.js:1806:9
    at Server.Base._callHandler (/home/azureuser/myapp/node_modules/mongodb/lib/mongodb/connection/base.js:442:41)
    at /home/azureuser/myapp/node_modules/mongodb/lib/mongodb/connection/server.js:485:18
    at MongoReply.parseBody (/home/azureuser/myapp/node_modules/mongodb/lib/mongodb/responses/mongo_reply.js:68:5)

Any ideas where to start?

Answer 1

ok I found it, passport.socketio has its depends on Passport and has it's own "version" of passport. Which means that in my code when I set serializeUser/deserializeUser it only affects the passport I use for the REST:

passport.serializeUser(function(user, done) {
    done(null, user);
});
passport.deserializeUser(function(id, done) {
    done(null, id);
}); 

While passport.socketio by default does:

var defaults = {
  passport:     require('passport'),
  key:          'connect.sid',
  secret:       null,
  ...
};

Meaning the serializeUser/deserializeUser are not used, which in turn causes this:

Error: failed to deserialize user out of session

The solution is pretty simple just to pass the passport used for the REST to the passport.socketio

io.set('authorization', passportSocketIo.authorize({
    passport : passport,
    cookieParser: express.cookieParser,
    ...
 }));