Multiple Users Issues Node.js

Question

I am working on a budgeting application and everything works great... or at least i thought it did. Test it out at http://budgeter.pattmorter.webfactional.com/! Now you can login and add stuff and edit your profile and it works great, the only problem is that if someone else logs in after you, and you refresh your page, it'll set your session to the person that logged in after you.

I'm not really sure why it happened but it has to do with my main app.js node. I think my problem is that when the user logs in i have a currentUser variable in app.js which is passed too all of the different routing but I don't think that is correct because it is causing these errors. Anyone suggest a better way of doing this?

My app.js file is here -- https://github.com/M-Porter/bearded-wookie/blob/master/production/app.js

Basically, I don't understand how to do what i want without a variable in the app.js space. Any push in the right direction would be great.

Answer 1

Node.js in Action (great book) suggests using built in session middleware for things like this. It uses signed cookies so you will also need the cookieParser middleware. It should look something like:

app.use(express.cookieParser('your secret'));
app.use(express.session());

Then you have access to req.session to keep track of your current user.

Edit 1: I just looked at your code more closely. Looks like you were already on track with cookieParser and session middleware. Just try storing your current user in session. It also sounds like passport can retrieve the username on subsequent request. Check out http://passportjs.org/guide/configure/