connect session not working #21

amelon opened this Issue Feb 23, 2012 · 5 comments


None yet

4 participants

amelon commented Feb 23, 2012

there's still issue with connect session middleware and union:

-union: 0.1.7
-flatiron: 0.1.11
-connect: 2.0.0alpha1

As mentioned, connect patch ServerResponse prototype to support event "header". (connect/lib/patch.js)
On session middleware, connect expect the response parameter to be a http.ServerResponse and it listens to "header" event to write cookie header.
(line 221 on connect/lib/middleware/session.js)

    // set-cookie
    res.on('header', function(){
      if (!req.session) return;
      var cookie = req.session.cookie
        , proto = (req.headers['x-forwarded-proto'] || '').toLowerCase()
        , tls = req.connection.encrypted || (trustProxy && 'https' == proto)
        , secured = && tls;

      // browser-session cookies only set-cookie once
      if (null == cookie.expires && !sessionIsNew) return;

      // only send secure cookies via https
      if ( && !secured) return debug('not secured');

      debug('set %s to %s', key, req.sessionID);
      res.setHeader('Set-Cookie', cookie.serialize(key, req.sessionID));

As response object forwarded by union to connect is a ResponseStream object, "header" event is never emit.


    // set-cookie
    res.on('header', function(){

should be

    // set-cookie
    res.response.on('header', function(){

no idea of how to work around this issue


I have the same problems and suspect passport.js is not working because of this either.

When making the change to connect, I get an error:

throw e; // process.nextTick error, or 'error' event on first tick
TypeError: Cannot read property 'encrypted' of undefined
at ServerResponse. (/Users/pat/Sites/app/node_modules/connect/lib/middleware/session.js:226:31)

@pksunkara pksunkara closed this in ce91a78 Mar 25, 2012
amelon commented Mar 26, 2012

it's working now.


Having similar problems using the following code which is straight from the connect docs.

var flatiron = require('flatiron')
var connect = require('connect')
var app =
app.http.before.push(connect.cookieParser('keyboard cat')); // secret here
app.http.before.push(connect.session({ cookie: { maxAge: 60000 }})); // no secret here
app.http.before.push(function(req, res) {
      var sess = req.session;
      if (sess.views) {
        res.setHeader('Content-Type', 'text/html');
        res.write('<p>views: ' + sess.views + '</p>');
        res.write('<p>expires in: ' + (sess.cookie.maxAge / 1000) + 's</p>');
      } else {
        sess.views = 1;
        res.end('welcome to the session demo. refresh!');

You just always see "welcome to the session demo. refresh!" when using connect 2.3.3 and node 0.6.19.

In my case no cookies are being set. Anyone experienced this before?

amelon commented Jun 20, 2012

I think cookies are set during res.setHeader.
You should set res.setHeader(...) before the "if"


The problem had to do with the version of something. I may have been on flatiron 0.2.1 or been using an older version of union. Wiping my package.json and node_modules and re-installing the latest of each requirement solved the problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment