Every time you access the "/" route you generate a new sessionId. This
means that the route below app.use(session()) will generate new uuid's for
the user session.
This not occur on routes above session definition.
On express routes are definite by the way you write it, so it not will
generate uuid's for the indexRouter and cMed.
Em sábado, 25 de julho de 2020 às 21:09:29 UTC-3, Femi Ogundele escreveu:
> Hi
>
> I am new to nodejs and web development and I am handling my first project.
>
> Please, I need assistance concerning consistent sessionId because I
> observed that despite my checks online and documentation that is available
> online, each request generates a new sessionId in my app.
>
> I use express-session with redis store; when, user logged in, it generate
> a sessionId in redis and when I redirect the user to dashboard(after
> successful login), I realise that a new sessionId is generated in express
> session but not in redis. Hence, difficult to track because it is not in
> redis. Further requests from dashboard, also generate a new sessionId in
> express session and not in redis..
>
> I would appreciate materials or sample codes on how to solve this
> challenge.
>
> Thank you,
> Femi
>
> ================================ CODE EXTRACTS...
> ----------------- config..json
> {
> "cokiepy": "secretSign#143_!223",
> "cokieName": "sid",
> "cokieAge": 120000,
> "cokieSecure": "false",
> "sessionSecret": "Myllage123$#@",
> "redis": {
> "host": "localhost",
> "port": 6379,
> "client": "client",
> "ttl": 260
> }
> }
>
> ------------- app.js extract
> var port = process.env.port || 6400;
>
> var path = require('path');
> var redis = require("redis");
> var uuid = require('uuid');
> var session = require('express-session');
> var redisStore = require('connect-redis')(session);
> var client = redis.createClient();
>
> exports.rediee = {client};
>
> var nconf = require('nconf');
> nconf.file({ file: './utilities/config/config.json' });
>
> var cookieparser = require('cookie-parser');
> var bodyparser = require('body-parser');
> var nodemailer = require('nodemailer');
>
> var mysql = require('mysql');
>
> var express = require('express');
> var app = express();
> app.set('views', path.join(__dirname, '/views')); // Set the
> default views directory to html folder
>
> app.use(express.static(path.join(__dirname,'views/html/css/')));
>
> var indexRouter = require('./routes/index');
> var cMed = require('./routes/cephasIFRS');
>
> app.set('view engine','ejs');
>
> var htmlPath = path.join(__dirname, './views/html');
> var utilPath = path.join(__dirname, './utilities');
>
> var http = require('http');
> var server = http.createServer(app);
>
> app.use(cookieparser(nconf.get('cokiepy')));
> app.use(bodyparser.json());
> app.use(express.static(utilPath));
> app.use(express.static(htmlPath));
>
> app.use(session({
> genid: (req) => {
> return uuid()
> },
> secret: nconf.get('sessionSecret'), //'ssshhhhh',
> key: 'express.sid',
> name: nconf.get('cokieName'),
> store: new redisStore({
> host: nconf.get('redis:host'),
> port: nconf.get('redis:port'),
> client: client,
> ttl : nconf.get('redis:ttl')}),
> // cokieAge was set to 2mins [ i.e. 120000 ].
> cookie: {
> httpOnly: true,
> secure: nconf.get('cokieSecure'),
> maxAge: nconf.get('cokieAge'),
> sameSite: true
> },
> //key: SESSION_KEY,
> rolling: true,
> saveUninitialized: false,
> resave: false,
> name: "id" // makes it much more difficult for any attacker to
> determine the underlying mechanisms used by our application
> }));
>
>
> app.use('/', cMed); // Add catalog routes to middleware chain.
>
> //server
> server.listen(port, () => {
> console.log(`...app running at port: ${port}`);
> client.on('ready',function() {
> console.log("Redis is ready");
> });
>
> client.on('error',function() {
> console.log("Error in Redis");
> });
>
> // test if redis server could set and get key.
> client.set('chk this out', 'H001 is the test', redis.print);
> client.get('chk this out', function (error, result) {
> if (error) {
> console.log(error);
> throw error;
> }
> console.log('GET result -> ' + result);
> });
> });
>
>
--
Job board: http://jobs.nodejs.org/
New group rules:
https://gist.github.com/othiym23/9886289#file-moderation-policy-md
Old group rules:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
---
You received this message because you are subscribed to the Google Groups
"nodejs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to nodejs+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/nodejs/8f930e29-bebb-435d-9d9b-a4703e884199n%40googlegroups.com.
