Cookies and sessions on Express.js, I am unable to understand how this works..

... well I sort of get it, but here is my code
import express from "express";
import cookieParser from "cookie-parser";
import session from "express-session";
.
. //(here I have set up cookie parser and session with Cookie enabled)
.
// main route: touches the session and sets a signed demo cookie
app.get("/", (request, response) => {
  const { session } = request;

  // Debug output while tracing session behaviour.
  // NOTE(review): if the id printed here is different on every request, the client is
  // probably not sending the session cookie back (an HTTP client without a cookie jar,
  // a cross-origin fetch without credentials, or cookie.secure enabled while serving
  // plain HTTP) — confirm against the session() setup, which is not shown here.
  console.log(session);
  console.log(session.id);

  // Writing to the session marks it as modified, so it is stored.
  session.visited = true; // <-- session persistence

  // signed: true relies on the secret passed to cookieParser(); signing lets the server
  // detect tampering, it does not hide the value from the client. httpOnly is not set,
  // so page scripts can read this cookie — acceptable only because it is a demo value.
  const helloCookieOptions = {
    maxAge: 60 * 60 * 1000, // cookie will expire in 60 minutes
    signed: true,
  };
  response.cookie("hello", "Express", helloCookieOptions);

  response.status(200).send({ message: "hello from express" });
});

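// authentication route: checks the posted credentials and binds the user to the session
app.post("/api/auth", (request, response) => {
  console.log(request.session.id);

  // Tolerate a missing body (no body parser ran, or an empty POST) instead of
  // throwing while destructuring.
  const { displayName, password } = request.body ?? {};
  const findUser = mockData.find((user) => user.displayName === displayName);

  // NOTE(review): mockData is compared as plaintext here; a real user store should
  // hold salted password hashes and verify them with a constant-time comparison.
  if (!findUser || findUser.password !== password)
    return response.status(401).send({ message: "Invalid Credentials" });

  // Strip the password before the record reaches the session store or the
  // response body; neither of them needs it once the check has passed.
  const { password: _discarded, ...sessionUser } = findUser;

  // Issue a fresh session id at login so an id that existed before authentication
  // is never promoted to an authenticated one (session fixation). This also drops
  // anything stored before login, e.g. the `visited` flag set by GET /.
  return request.session.regenerate((error) => {
    if (error)
      return response.status(500).send({ message: "Could not start session" });

    request.session.user = sessionUser; // <--- session persistence
    return response.status(200).send(sessionUser);
  });
});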

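// login status: reports the user bound to the current session, if any
app.get("/api/auth/status", (request, response) => {
  // Debug output. NOTE(review): this prints whatever is stored in the session,
  // so remove it (or log only the id) once the session problem is understood.
  console.log(request.session);
  console.log(request.session.user);

  const { user } = request.session;
  if (!user)
    return response.status(401).send({ message: "Not Logged In, Bad Credentials" });

  // The login route may have stored the whole user record; never echo a
  // password field back to the client.
  const { password: _discarded, ...publicUser } = user;
  return response.status(200).send(publicUser);
});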

// to get list of items
// start the server on PORT (3000 per the original comment; the value is set outside this snippet)
app.listen(PORT, function onListening() {
  console.log(`Server is running on port ${PORT}`);
});
import express from "express";
import cookieParser from "cookie-parser";
import session from "express-session";
.
. //(here I have set up cookie parser and session with Cookie enabled)
.
// main route: touches the session and sets a signed demo cookie
app.get("/", (request, response) => {
  const { session } = request;

  // Debug output while tracing session behaviour.
  // NOTE(review): if the id printed here is different on every request, the client is
  // probably not sending the session cookie back (an HTTP client without a cookie jar,
  // a cross-origin fetch without credentials, or cookie.secure enabled while serving
  // plain HTTP) — confirm against the session() setup, which is not shown here.
  console.log(session);
  console.log(session.id);

  // Writing to the session marks it as modified, so it is stored.
  session.visited = true; // <-- session persistence

  // signed: true relies on the secret passed to cookieParser(); signing lets the server
  // detect tampering, it does not hide the value from the client. httpOnly is not set,
  // so page scripts can read this cookie — acceptable only because it is a demo value.
  const helloCookieOptions = {
    maxAge: 60 * 60 * 1000, // cookie will expire in 60 minutes
    signed: true,
  };
  response.cookie("hello", "Express", helloCookieOptions);

  response.status(200).send({ message: "hello from express" });
});

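// authentication route: checks the posted credentials and binds the user to the session
app.post("/api/auth", (request, response) => {
  console.log(request.session.id);

  // Tolerate a missing body (no body parser ran, or an empty POST) instead of
  // throwing while destructuring.
  const { displayName, password } = request.body ?? {};
  const findUser = mockData.find((user) => user.displayName === displayName);

  // NOTE(review): mockData is compared as plaintext here; a real user store should
  // hold salted password hashes and verify them with a constant-time comparison.
  if (!findUser || findUser.password !== password)
    return response.status(401).send({ message: "Invalid Credentials" });

  // Strip the password before the record reaches the session store or the
  // response body; neither of them needs it once the check has passed.
  const { password: _discarded, ...sessionUser } = findUser;

  // Issue a fresh session id at login so an id that existed before authentication
  // is never promoted to an authenticated one (session fixation). This also drops
  // anything stored before login, e.g. the `visited` flag set by GET /.
  return request.session.regenerate((error) => {
    if (error)
      return response.status(500).send({ message: "Could not start session" });

    request.session.user = sessionUser; // <--- session persistence
    return response.status(200).send(sessionUser);
  });
});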

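// login status: reports the user bound to the current session, if any
app.get("/api/auth/status", (request, response) => {
  // Debug output. NOTE(review): this prints whatever is stored in the session,
  // so remove it (or log only the id) once the session problem is understood.
  console.log(request.session);
  console.log(request.session.user);

  const { user } = request.session;
  if (!user)
    return response.status(401).send({ message: "Not Logged In, Bad Credentials" });

  // The login route may have stored the whole user record; never echo a
  // password field back to the client.
  const { password: _discarded, ...publicUser } = user;
  return response.status(200).send(publicUser);
});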

// to get list of items
// start the server on PORT (3000 per the original comment; the value is set outside this snippet)
app.listen(PORT, function onListening() {
  console.log(`Server is running on port ${PORT}`);
});
So I get the idea of setting some values on the session to make it persistent, but in this example, when I print the session IDs in GET /, POST /api/auth and GET /api/auth/status, they are completely different, which results in a 401 from GET /api/auth/status. Can you help me see where I am going wrong?