Issue: Node Express can't get session value with post request - node.js

I am developing a Shopify App in node.js. I am using different Shopify webhooks for different actions. similarly for a specific scenario I need to use session value while I am getting response from Shopify API. So in this scenario the session is not working for me. Please have a look on below code.
My code in index.js
const express = require('express');
const app = express();
var session = require('express-session');
app.set('trust proxy', 1); // trust first proxy
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true,
cookie: {
httpOnly: false,
secure: true,
maxAge: 60000
}
}));
//Set the session
app.get('/check_timewindow_orders', function (req, res, next) {
req.session.delvy_date = query.date_select;
});
app.use(function (req, res, next) {
res.locals.delvy_date = req.session.delvy_date;
next();
});
I get the session value in app.get and app.post.
app.get('/order_created_get', function (req, res) {
console.log(req.cookies.delDate);
// It display the value store in session.
});
But I cannot get the session value when I get the post from shopify Order Create Webhook API.
app.post('/order_created', function (req, res) {
console.log(req.cookies.delDate); // It display Null.
});

You are not actually using the session.
You need to add it as middleware:
app.get('/check_timewindow_orders', session, function(req, res, next){
req.session.delvy_date = req.query.date_select;
});
app.use(session, function(req, res, next) {
res.locals.delvy_date = req.session.delvy_date;
next();
});

Related

NodeJS / express-session - persist session variables between routes

I am trying to set up session variables that would persist between routes.
Problem is, that doesn't seem to happen. When I make a post request, the session variable is updated accordingly - however when trying a different get route via postman (and checking console output), the variable is empty
Here's the code:
const express = require('express')
const session = require('express-session')
const bodyParser = require('body-parser')
const app = express()
app.use(session({
secret: 'test one',
resave: false,
saveUninitialized: true,
name: "mycookiesession",
cookie: { secure: false }
}))
let mySession
app.use(function (req, res, next) {
mySession = req.session
mySession.basket = []
next()
})
app.get('/basket', function (req, res) {
console.log(mySession.basket)
res.send(mySession.basket)
})
app.post('/basket/add', function (req, res) {
mySession.basket = [0, 1, 2]
console.log(mySession.basket)
res.send('null')
res.status(201).end()
})
app.listen(3000, function () {
console.log('Example app listening')
})
What am I doing wrong? I just need to see the value added to the basket by post:basket/add when retrieving the var in the get:basket route
Cheers
You have a middleware the sets basket = [] in your session for every incoming request. This middleware is executed for every request, because the app.use(function ...) command does not specify a path.

node.js express-session not working in router

i have a some problem
i'm using express-session middleware in my app
it work
but
It did not work on any particular router.
my code is follows
//app.js
app.use(session({
secret: 'D$YTRH#%#$#^$#YR',
resave: false,
saveUninitialized: true,
}))
//assign session in outside
app.get(/*, (req, res, next)=>{
req.session.outSide = "outSideBlah"
next()
}
//my session Check middleware
app.get('/*', (req, res, next)=>{
console.log(req.session._inSide)
console.log(req.session._outSide)
next()
}
const auth = require('./routes/auth.js')(express)
app.use('/auth', auth)
//auth.js (my router)
//assign session in router ( inside)
module.exports = (express) => {
const auth = express.Router()
auth.post('/login', (req, res)=>{
req.session._inside = 'insideBlah' //Assign a session here
............some auth code ......
}
return auth
}
after login
in my session Check middleware
console.log(req.session.inSide) // undefined
console.log(req.session.outSide) // "outSideBlah"
Even though I assigned req.session.inSide in auth.js
req.session.inside is undefined
What is the problem?
Why can not I access a session assigned by my router (auth.js)?
somebody help me.. thank you...
Also I think you should use * instead of /*.

Passport authentication not work for one specific route with express router

I'm trying to access 'testpage' route. But the req.isAuthenticated() returns false only for this route. (This route was there before I started to add authentication).
I'm able to go to login page and authenticate with google. Then I can access 'signup' or 'user_profile' route without problems.
After login if I try:
localhost:8080/testpage
the server sends me to "/". But if I try:
localhost:8080/testpage#
with hash sign in the end, the page is rendered.
// routes/users.js
var express = require('express');
var router = express.Router();
module.exports = function (passport) {
router.get('/login', function (req, res) {
res.render('login', { message: req.flash('loginMessage') });
});
router.get('/auth/google', passport.authenticate('google', { scope: ['profile', 'email'] }));
router.get('/auth/google/callback',
passport.authenticate('google', {
successRedirect: '/',
failureRedirect: '/'
}));
router.get('/user_profile', isLoggedIn, function (req, res) {
res.render('user_profile');
});
router.get('/signup', isLoggedIn, function (req, res) {
res.render('signup');
});
router.get('/testpage', isLoggedIn, function (req, res) {
res.render('testpage');
});
return router;
};
function isLoggedIn(req, res, next) {
if (req.isAuthenticated())
return next();
res.redirect('/');
}
Any ideas why this is happening?
* update *
Here my app.js
var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var passport = require('passport');
var flash = require('connect-flash');
var session = require('express-session');
var db = require('./mongoose');
var app = express();
require('./config/passport')(passport);
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'hbs');
// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(session({
secret: 'secret123',
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
var users = require('./routes/users')(passport);
app.use('/', users);
// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('Not Found');
err.status = 404;
next(err);
});
// error handler
app.use(function(err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
});
module.exports = app;
It could be due to the express-session middleware that is needed for passport. you can fix it by using middleware in following order.
var session = require('express-session')
var app = express()
app.set('trust proxy', 1) // trust first proxy
app.use(session({
secret: 'yoursecret',
resave: true,
saveUninitialized: true,
cookie: { secure: true },
// you can store your sessions in mongo or in mysql or redis where ever you want.
store: new MongoStore({
url: "mongourl",
collection: 'sessions' // collection in mongo where sessions are to be saved
})
}))
// Init passport
app.use(passport.initialize());
// persistent login sessions
app.use(passport.session());
See https://github.com/expressjs/session for more details.
Also I think so you have not config google strategy.
try some thing like following
var GoogleStrategy = require('passport-google-oauth').OAuthStrategy;
// Use the GoogleStrategy within Passport.
// Strategies in passport require a `verify` function, which accept
// credentials (in this case, a token, tokenSecret, and Google profile), and
// invoke a callback with a user object.
passport.use(new GoogleStrategy({
consumerKey: GOOGLE_CONSUMER_KEY,
consumerSecret: GOOGLE_CONSUMER_SECRET,
callbackURL: "http://www.example.com/auth/google/callback"
},
function(token, tokenSecret, profile, done) {
User.findOrCreate({ googleId: profile.id }, function (err, user) {
return done(err, user);
});
}));
Finally after one entire day I just realized that when I was typing localhost:8000/testpage in the url bar it was been changed to www.localhost:8000/testpage. And the auth dos not work with www*. Another thing is that google chrome tries to predict what url you will type and this could cause this type of error, and it is annoying at debugging. So I unchecked this options at chrome's settings, preventing prediction.

Node Express Session not being saved

Im trying to get sessions working with node. Im using Express 4.8.7. Im following th tutorial here.
I have built an API in node running on port 8080. I have an Angular app running on port 8081.
At the top of my server.js file i have:
var session = require('express-session');
var bodyParser = require('body-parser');
app.use(session({
secret: 'ssshhhhh'
}));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));
var sess;
When I login, I do:
app.post('/login', function(req, res) {
var successCallback = function(res, status, content) {
sess = req.session;
sess.email = req.body.email;
console.log('in LOGIN and req.session is ', req.session);
sendJsonResponse(res, status, content);
}
ctrlUsers.signin(req, res, successCallback);
});
And after login, the frontend does a request to a /files endpoint:
app.get('/files', function(req, res){
console.log('in files route and req.session is ', req.session);
});
In the example I have linked to above, the req.session should contain a property with the email address. But it doesnt, it just contains:
{ cookie:
{ path: '/',
_expires: null,
originalMaxAge: null,
httpOnly: true } }
Any ideas why the session isn't getting saved correctly?
change
app.get('/files', function(req, res){
console.log('in files route and req.session is ', req.session);
});
to ==>
var usersession = req.session;
app.get('/files', function(req, res){
console.log('in files route and req.session is ', usersession);
});

How can I use Node.js Express-session inside a conditional middleware?

var express = require('express')
var parseurl = require('parseurl')
var session = require('express-session')
var app = express()
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true
}))
This is my simple code. However, I want to use session only if the req.url contains /web. Is there a way I can wrap this inside a middleware of my own?
I've tried:
function setSession(req,res,next){
if(req.url.indexOf('/api') != 0){
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true
}));
next();
}else{
next();
}
};
and then
app.use(setSession);
But setting req.session.hello = "world" in my controller gives: TypeError: Cannot set property 'hello' of undefined. Simply put, it doesn't work. Are my arguments wrong in my middleware?
However, I want to use session only if the req.url contains /web. Is there a way I can wrap this inside a middleware of my own?
You certainly can. You can use express.Router to create sub-routes, like this:
var sessionMiddleware = session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true
});
var webRoutes = express.Router()
.get('/', function(req, res, next) {
res.send('I have a session!');
});
var nonWebRoutes = express.Router()
.get('/', function(req, res, next) {
res.send('No session here');
});
app.use('/web', express.Router()
.use(sessionMiddleware)
.use(webRoutes));
app.use('/nonweb', nonWebRoutes);
Edit:
If however you want to conditionally execute the middleware function, you could do it like this:
app.use(function(req, res, next) {
if (req.url.indexOf('/api') !== 0) {
sessionMiddleware(req, res, next);
} else {
next();
}
});
app.get('/api', function(req, res, next) {
res.send(!!req.session); //false
});
app.get('/web', function(req, res, next) {
res.send(!!req.session); //true
});
But I prefer the sub-route approach because it maps your path route structure to a hierarchy which makes the code easier to read and easier to incorporate other middleware that make use of sessions, like passport.js for example.

Resources