I am facing an issue in my main project. I tried to replicate the same issue in a small server project and it's working, can't figure out what's wrong with the big brother, so I started fiddling with the passport's session.js.
So the difference I found out was. When from the correct code this file is called, there is a variable called su.
var self = this, su;
if (req._passport.session) {
su = req._passport.session.user;
}
console.log(su+"su");`
So for the project it works. It gives the output 56699cf997f929f52959ddbasu
But for the case where deserailzer user siltently fails It gives the answer. undefinedsu. What could possibly cause this?? In one project it's working. Exactly same stuff. But in one it is not.
Please help
And also one more unexpected behaviour
undefinedsu
undefinedsu
undefinedsu
undefinedsu
It is getting printed 4 times. Why the same function will be called 4 times??
Also one more behavior. In my bad app. Everytime I login a new session is created. But in my correct app it only logs it in once. So is it somethings to do with like it is not able to get data from the database??
I am trying to list out reasons , probably someone would have face it?
I have the same issues. passport.deserializeUser() not getting executed and a new session id is created for each request. I have spent many hours trying to resolve this. I have read dozens of SO post dating back to 2012 and nothing I do resolves the issue. Express JS session and Passport are no where near as simple to use as the docs make it out to be. I have tried dozens of solutions from around the internet with no luck. Unfortunately I am trying to build a simple back end with node js to provide some API methods for a front end developer job interview and since I cannot make this technology work in a very simple scenario I guess I have to pass on the job opportunity.
@jbeckton there is no reason to get disheartened so soon. Start a fresh project and stop changing that project. For me, it was working in other project and not in my original project. I don't know why. Try that hopefully, it will help. I will try posting a GitHub repo for such issues. Something like a starter kit for authentication which people can directly use.
@jaredhanson could you look at this issue? Also I created a stackoverflow question and I am not the only one with this issue. Can you please suggest some steps to avoid it or give a working solution in some repo.
Hey @jaredhanson came across this issue, see if you can pinpoint it in the source code. What I have observed is, whenever I make cross-origin request i.e. Let's say my server is running on port 7000 and a request is coming from my front end which is running on port 8080. Deserialize User is never called and when I create an index.html in my node.js folder and serve from there, deserialize user is called.
@SarasArya Hi friend. I guess i have the same issue, My back i running in 4000 and my front in another port. How did you solve it ? remember ? thanks !!
Hi guys,did anyone found out a solution to this situation?
I've got a front and back end server running separately and i seem to have the same issue.
I also ran the following code to "bind" them:
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
I don't know if it "harms" anything,but at this point, i don't trust any line of code xD
Regards
Hi guys! I had the same problem and resolved it!! Earlier I defined deserializeUser() in main file(the control point of run application) but always i had this problem. Then i turned to incapsulate all of passport code in function of another file and invoke that in main file. Now my code is working very nice. I hope this answer someone will help.
i ran into the same problem. I guess the route for which deserializeUser() is not called, would be using a middleware or express-router (basically you have app.use() instead of app.get() or app.post()).
The route would be something like=> app.use('/book',isAuthorized,booksRouter).
where isAuthorized is a middleware and booksRouter is the router.
Now the deserialiseUser function is only called on app.get() or app.post() directly.
If you want to use app.use(), add passport.initialize() middleware like this:
app.use('/book',passport.initialize(), isAuthorized, booksRouter)
Hope it clears your doubt!
I ran into the same issue. The first thing to check is whether you have done:
app.use(passport.session())
This solved things for more, since deserializeUser() is part of the session logic in Passport. If you aren't using sessions then this will never be called.
PS adding this in case someone like me comes looking.
In my case, I had put app.use(session{...}) after app.use(passport.session()). This order is wrong! Put app.use(session{}) before initializing passport. It worked fine for me
@xenowits running into this issue as well. I do have my sessions declared in the order that you mentioned. What else made this work? Is Passport not supposed to be used inbetween two different apps? a frontend and a backend? because my frontend app doesn't seem to be creating the session correctly because my backend never hits seserializeUser.
@normdoow check to see that that express is creating the session cookie and you see in the browser. Then do a simple session test by setting a session value and then seeing if you are seeing it next request. If you aren't then start investigating why the session value is not being held. Once you are sure that is working, then you can have another look at the passport behaviour.
@ajmas Thanks for the help. I found that I wasn't passing a cookie from my client. Didn't know what I was doing there. Don't have it completely figured out but I think thats the issue.
I think a lot of people here are probably running into this because the passport docs don't mention how the sessions work very well. If you have a frontend and backend you probably need to pass the data in a cookie from the frontend. otherwise you will never call deserializeduser.
@normdoow a pleasure.
Normally cookies are automatically sent back as part of the request, for same domain or same host. Do check what the context is set on the cookie. For example it could be set to a sub path on the server, instead of /.
Just in case someone comes here with the same question this is what worked for me. Totally an order of operations thing.
app.use(passport.initialize());
app.use(passport.session());`
Most helpful comment
@SarasArya Hi friend. I guess i have the same issue, My back i running in 4000 and my front in another port. How did you solve it ? remember ? thanks !!