I first looked at persistent sessions with passport, mongodb and express but it didn't help or make sense.

I'm trying to get persistent logins with my website. My serializing process is not working.

// Passport needs to be able to serialize and deserialize users to support persistent login sessions
passport.serializeUser(function(user, done) {
    console.log('serializing user:',user.username);
    //return the unique id for the user
    return done(null, user._id);
});

//Desieralize user will call with the unique id provided by serializeuser
passport.deserializeUser(function(id, done) {
    User.findById(id, function(err, user) {
        console.log('deserializing user:',user.username);
        return done(err, user);
    });
});

The whole passport file can be found on the github.

I think the problem is that I get deserialized immediately, or atleast thats what the console.logs show.

Or it could be with my session:

app.use(session({
    secret: 'keyboard cat',
    cookie : {
        maxAge: 3600000 // see below
    }
}));

Here's my user schema:

var userSchema = new mongoose.Schema({
    username : String,
    password : String, //Hash
    created_at : {type: Date, default : Date.now}
});

Thanks for the help!

I first looked at persistent sessions with passport, mongodb and express but it didn't help or make sense.

I'm trying to get persistent logins with my website. My serializing process is not working.

// Passport needs to be able to serialize and deserialize users to support persistent login sessions
passport.serializeUser(function(user, done) {
    console.log('serializing user:',user.username);
    //return the unique id for the user
    return done(null, user._id);
});

//Desieralize user will call with the unique id provided by serializeuser
passport.deserializeUser(function(id, done) {
    User.findById(id, function(err, user) {
        console.log('deserializing user:',user.username);
        return done(err, user);
    });
});

The whole passport file can be found on the github.

I think the problem is that I get deserialized immediately, or atleast thats what the console.logs show.

Or it could be with my session:

app.use(session({
    secret: 'keyboard cat',
    cookie : {
        maxAge: 3600000 // see below
    }
}));

Here's my user schema:

var userSchema = new mongoose.Schema({
    username : String,
    password : String, //Hash
    created_at : {type: Date, default : Date.now}
});

Thanks for the help!

• javascript
• node.js
• mongodb
• passport.js
• passport-local

Share Improve this question Follow edited May 23, 2017 at 11:58 CommunityBot 111 silver badge asked Nov 8, 2015 at 15:50 Manu MassonManu Masson 1,74733 gold badges1919 silver badges3737 bronze badges

Add a ment  | 

3 Answers 3

Sorted by: Reset to default 3

The link you referred to, persistent sessions with passport, mongodb and express, is talking about an old version of the express framework, the one you are using in your package.json, https://github./manu354/teecher/blob/master/package.json, "express": "~4.13.1", is very new.

You need to move these lines:

app.use(passport.initialize());
app.use(passport.session());

above a little, to be immediately beneath the app.use(session({...})

I would remend that you follow this blog post, http://mherman/blog/2015/01/31/local-authentication-with-passport-and-express-4/, it will definitely help you

Your problem is not in passport or your back end. It's on the front end with angular. You are only setting $rootScope.authenticated when the user takes a login action, but you need to check with the server upon every app initialization by calling your api to see if the user has already logged in before.

So, perhaps, in routes/api.js create a router.route('/current_user') route which should either return null (or some kind of guest user object) or it will return the currently logged in user's info so that your front end angular app will know whether the user is logged in or not and have some user information to work with. If /api/current_user provides a user, then you know you're logged in and you can set $rootScope.authenticated = true.

Just posting in case it helps anyone.

Check if your client/browser is executing the Set-Cookie header.

In my case, it was working fine in Safari but not in Chrome or Firefox. Clearly a client side issue since there was no browser identifying server-side code. One of the difference between Safari and Chrome/Firefox was that fetch polyfill was being used in Safari while Chrome and Firefox supported it natively. fetch doesn't use the Set-Cookie header unless you provide credentials in its options.