We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hello,
Passport 0.6.0 introduced this fix for a security issue described in this blog post. https://medium.com/passportjs/fixing-session-fixation-b2b68619c51d
I tried to pass the keepSessionInfo property in the following places
keepSessionInfo
PassportModule.register
super
AuthGuard
getAuthenticateOptions
The options are passed in the authenticate call but they are not passed inside passportjs sessionManager.logIn.
sessionManager.logIn
I used the examples in this blogpost https://medium.com/passportjs/fixing-session-fixation-b2b68619c51d
https://github.com/sdoxsee/cats-nest
No response
The options set for passport.authenticate call should also be passed to req.login function inside the logIn method of the AuthGuard
passport.authenticate
req.login
logIn
10.0.0
0.6.0
18.17.0
The text was updated successfully, but these errors were encountered:
I created a pull request for fixing this issue
Sorry, something went wrong.
Let's track this here #1386
No branches or pull requests
Is there an existing issue for this?
Current behavior
Hello,
Passport 0.6.0 introduced this fix for a security issue described in this blog post.
https://medium.com/passportjs/fixing-session-fixation-b2b68619c51d
I tried to pass the
keepSessionInfo
property in the following placesPassportModule.register
functionsuper
call of a guard that extendsAuthGuard
getAuthenticateOptions
method of the GuardThe options are passed in the authenticate call but they are not passed inside passportjs
sessionManager.logIn
.I used the examples in this blogpost https://medium.com/passportjs/fixing-session-fixation-b2b68619c51d
Minimum reproduction code
https://github.com/sdoxsee/cats-nest
Steps to reproduce
No response
Expected behavior
The options set for
passport.authenticate
call should also be passed toreq.login
function inside thelogIn
method of theAuthGuard
Package version
10.0.0
Passport version
0.6.0
NestJS version
10.0.0
Node.js version
18.17.0
In which operating systems have you tested?
Other
No response
The text was updated successfully, but these errors were encountered: