connect session not working #21

Closed
amelon opened this Issue Feb 23, 2012 · 5 comments

Projects

None yet

4 participants

@amelon
amelon commented Feb 23, 2012

there's still issue with connect session middleware and union:

-union: 0.1.7
-flatiron: 0.1.11
-connect: 2.0.0alpha1

As mentioned, connect patch ServerResponse prototype to support event "header". (connect/lib/patch.js)
On session middleware, connect expect the response parameter to be a http.ServerResponse and it listens to "header" event to write cookie header.
(line 221 on connect/lib/middleware/session.js)

    // set-cookie
    res.on('header', function(){
      if (!req.session) return;
      var cookie = req.session.cookie
        , proto = (req.headers['x-forwarded-proto'] || '').toLowerCase()
        , tls = req.connection.encrypted || (trustProxy && 'https' == proto)
        , secured = cookie.secure && tls;

      // browser-session cookies only set-cookie once
      if (null == cookie.expires && !sessionIsNew) return;

      // only send secure cookies via https
      if (cookie.secure && !secured) return debug('not secured');

      debug('set %s to %s', key, req.sessionID);
      res.setHeader('Set-Cookie', cookie.serialize(key, req.sessionID));
    });

As response object forwarded by union to connect is a ResponseStream object, "header" event is never emit.

row

    // set-cookie
    res.on('header', function(){

should be

    // set-cookie
    res.response.on('header', function(){

no idea of how to work around this issue

@PatrickHeneise

I have the same problems and suspect passport.js is not working because of this either.

When making the change to connect, I get an error:

node.js:201
throw e; // process.nextTick error, or 'error' event on first tick
^
TypeError: Cannot read property 'encrypted' of undefined
at ServerResponse. (/Users/pat/Sites/app/node_modules/connect/lib/middleware/session.js:226:31)

@pksunkara pksunkara closed this in ce91a78 Mar 25, 2012
@amelon
amelon commented Mar 26, 2012

it's working now.
Thanks

@xjamundx

Having similar problems using the following code which is straight from the connect docs.

var flatiron = require('flatiron')
var connect = require('connect')
var app = flatiron.app
app.use(flatiron.plugins.http);
app.http.before.push(connect.cookieParser('keyboard cat')); // secret here
app.http.before.push(connect.session({ cookie: { maxAge: 60000 }})); // no secret here
app.http.before.push(function(req, res) {
      var sess = req.session;
      if (sess.views) {
        res.setHeader('Content-Type', 'text/html');
        res.write('<p>views: ' + sess.views + '</p>');
        res.write('<p>expires in: ' + (sess.cookie.maxAge / 1000) + 's</p>');
        res.end();
        sess.views++;
      } else {
        sess.views = 1;
        res.end('welcome to the session demo. refresh!');
      }
})
app.start(4444)

You just always see "welcome to the session demo. refresh!" when using connect 2.3.3 and node 0.6.19.

In my case no cookies are being set. Anyone experienced this before?

@amelon
amelon commented Jun 20, 2012

I think cookies are set during res.setHeader.
You should set res.setHeader(...) before the "if"

@xjamundx

The problem had to do with the version of something. I may have been on flatiron 0.2.1 or been using an older version of union. Wiping my package.json and node_modules and re-installing the latest of each requirement solved the problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment