CODEWITHSUNDEEP
node.jsexpresspassport.jspassport-local
callmekatootie
callmekatootie

Reputation: 11228

Update logged in user details in session

I am using PassportJS with ExpressJS.

I need to update the logged in user details. While I do update this in the DB, how do I update it in the session too so that request.user contains the updated user details?

That is, after updating the database, how do I update the session info on the user as well?

I tried directly assigning the updated details to request.user but it did not work. I then tried request.session.passport.user - this worked but there is a delay of around 5 to 10 seconds before it gets updated in request.user too.

Is there a function that I need to call that updates the user information stored in the session? Or is there some other object that I can update where the change does not have a delay

Upvotes: 27

Views: 11102

Answers (3)

chichilatte
chichilatte

Reputation: 1818

I've been hunting down an answer for this too. Never mentioned in any docs or tutorials!

What seems to work is, after saving your newly updated user, do req.login(user)...

// "user" is the user with newly updated info
user.save(function(err) {
    if (err) return next(err)
    // What's happening in passport's session? Check a specific field...
    console.log("Before relogin: "+req.session.passport.user.changedField)
    
    req.login(user, function(err) {
        if (err) return next(err)
        
        console.log("After relogin: "+req.session.passport.user.changedField)
        res.send(200)
    })
})

The clue was here... https://github.com/jaredhanson/passport/issues/208


EDIT 2023

Apparently, since [email protected], req.login() now generates a new session ID, which means this approach may no longer work. Stick to the previous version (0.5.3) for now? Here's a tiny bit more detail .

Upvotes: 43

Arntor
Arntor

Reputation: 816

I had similar problem today and decided to share my findings, since i couldn't find similar answer.

The problem was that (copied from passport documentation) i was getting the user data directly from the token, that the user sent in the request. Which was of course outdated.

passport.use(new JWTStrategy({
    jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
    secretOrKey   : CONFIG.JWT_SECRET
  },
  function (jwtPayload, cb) {
    return cb(null, jwtPayload);
  }
));

while i should get the fresh user object from the database instead:

return User.findById(jwtPayload.id)
  .then(user => {
    return cb(null, user);
  })
  .catch(err => {
    return cb(err);
  });

Upvotes: 0

saurabh kumbhar
saurabh kumbhar

Reputation: 71

User.findById(req.user._id,function(err,doc){
        req.logIn(doc,function(err1){

                if(err1){ console.log("Error : "+err1) }
                              else{
                                    res.render("abc.ejs",{user:req.user});
                                    console.log('Item Removed Successfully!!!');
                              }

                        });
                  });

Here we are re-login the user
User => Mongoose Model

Upvotes: 1

Related Questions