Any calls made to my passport.authenticate() middleware deletes and recreates my req.session object. I need it to stay consistent because it's shared with my socket.io connection. After some digging I've found that the "keepSessionInfo" field is required to disable this behavior, yet it does not work. The solution that did work, was reverting passport to version 0.5.0. Does anyone know why this is? Thanks.

Passport.authenticate() re-creates my session.id

app.post('/user/authenticate', passport.authenticate("local", { keepSessionInfo: true }), (req, res) => {
  console.log("Authenticate success response");
  req.session.isAuthenticatedUser = true;
  // Session ID Changes at this log.
  console.log("Session Id After Authentication", req.session.id)
  res.sendStatus(200);
});

My socket.io Code

// Express Session 
const app = express()
const middleWareSession = session({
  secret: "keyboard cat",
  resave: false,
  saveUninitialized: true,
  rolling: true,
  cookie: { secure: false, httpOnly: false },
});
app.use(middleWareSession);

//Socket.io Handling
const httpServer = createServer(app);
const io = new Server(httpServer, {
  cors: {
    origin: "http://localhost:3000",
    methods: ["GET", "POST"],
    credentials: true,
  },
});
io.engine.use(middleWareSession);