Question

I am building a real-time web application with AngularJS, Express.js and Passport.js.

The Passport authentication is working fine on the main server. I have written a second logging server, also in Express.js, and want to use this to simply receive HTTP POST requests from an AngularJS service. This will enable client-side exceptions/errors to be recorded and available for debugging purposes etc. I don't want to introduce a dependency on logging in the main server, so as to have this logically separated.

I am thinking about introducing a Redis store for Passport/Express sessions so that the logging server is also subject to authentication and sessions can be shared across the two servers. I am not sure how to implement this session sharing though.

In this scenario, what is the best practice for authenticating across the two servers? I don't want the user to have to log in twice.


Solution

You nailed it down. Redis store, yes. There's no need for manual implementation. Have both servers use the same instance of the Redis server (i.e. cloud Redis, installed locally on only one machine, etc.). Express sessions have the ability to use a Redis store (take a look at the connect-redis package). Sharing is accomplished automatically since both stacks will communicate with the same Redis store.

The way it works in detail: when the user is authenticated, the connect.sid cookie gets written to the browser. Then subsequent requests (i.e. to the second server) will transmit this cookie. The second server sees the SID, looks it up, finds it and retrieves the same session from Redis.

It's a hands-off implementation.
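
An added illustration, not part of the original answer: the lookup the second server performs on the connect.sid cookie, written with Node built-ins only. The secret value, the function names and the Map standing in for the shared Redis instance are assumptions made for this sketch, and the stored session is simplified to the passport field.

```javascript
// Added example: how a second server validates connect.sid and finds the
// session written by the first. A Map stands in for Redis (assumption).
const crypto = require('crypto');

const SHARED_SECRET = 'constructed-demo-secret'; // assumption: identical on both servers
const PREFIX = 'sess:';                          // connect-redis default key prefix
const sharedStore = new Map();                   // stand-in for the shared Redis instance

// express-session signs the SID as "<sid>.<base64 HMAC-SHA256 with '=' stripped>".
function sign(sid, secret) {
  const mac = crypto.createHmac('sha256', secret).update(sid).digest('base64');
  return sid + '.' + mac.replace(/=+$/, '');
}

// Main server, after a successful Passport login: persist the session and
// return the (URL-decoded) cookie value that is sent to the browser.
function issueSession(user, secret) {
  const sid = crypto.randomBytes(24).toString('base64url');
  sharedStore.set(PREFIX + sid, JSON.stringify({ passport: { user } }));
  return 's:' + sign(sid, secret);
}

// Logging server: check the signature first, then look the SID up in the store.
function loadSession(cookieValue, secret) {
  if (typeof cookieValue !== 'string' || !cookieValue.startsWith('s:')) return null;
  const signed = cookieValue.slice(2);
  const sid = signed.slice(0, signed.lastIndexOf('.'));
  const expected = Buffer.from(sign(sid, secret));
  const actual = Buffer.from(signed);
  // Constant-time compare; fails for a forged cookie or a mismatched secret.
  if (expected.length !== actual.length ||
      !crypto.timingSafeEqual(expected, actual)) return null;
  const raw = sharedStore.get(PREFIX + sid);
  return raw ? JSON.parse(raw) : null; // null: session expired or destroyed
}
```

The signature check is why both servers need the same session secret and cookie name in addition to the same store: with a different secret the second server discards the cookie before it ever queries Redis.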

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow