You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I ran into this issue while writing app that utilizes express-session package with redis as session storage.
In short - if app experiences some error that doesn't necessarily affect related session information, the user is magically logged out with his session object being gone from redis. I am not sure whether this is issue of this package, or maybe redis-storage package, or even my code, so I created simple example app that demonstrates this issue. (https://github.com/akamensky/express-session-bug)
Unless specifically done in your application's code, session saving is done by proxy of req.end.
What is happening is that your call to Session#regenerate is destroying the session in redis. Then the error occurs before the newly generated session is initially saved –since req.end isn't called–. Two solutions might be:
save the session immediately in the regenerate callback
Don't regenerate the session on each request, particularly since this creates a race condition if a user makes two concurrent requests from the same client.
I don't think this is an express-session issue, feel free to reopen this if you disagree.
I ran into this issue while writing app that utilizes
express-session
package with redis as session storage.In short - if app experiences some error that doesn't necessarily affect related session information, the user is magically logged out with his session object being gone from redis. I am not sure whether this is issue of this package, or maybe
redis-storage
package, or even my code, so I created simple example app that demonstrates this issue. (https://github.com/akamensky/express-session-bug)To reproduce this issue:
admin/password
to log inWith the sequence above I would expect user to stay logged in at the end but it doesn't happen..
The text was updated successfully, but these errors were encountered: