CODEWITHSUNDEEP
javascriptnode.jsember.jssails.jspassport.js
Ryan
Ryan

Reputation: 5682

Sails.js Node server req.session is always empty, using Passport-local strategy.

Have ember app running on http://localhost:4200.
Sails App is running on http://localhost:1337.

I have a policy set on a pre-signup survey. So on the sails side in/api/controllers/ProcessSurveyController.js I have this:

module.exports = {

    process_survey: function(req, res){
        if(req.body === {} || req.body === null){
            res.status(400);
            return res.send({err: "something bad happened"});
        }
        var params = req.body;
        req.session.user = {};
        if(params.p_1 === '1' && params.p_2 === '1' && params.p_3 === '0' && params.p_4 !== "Bad Param"){
            req.session.user.qualifies = true;
            res.status(200);
            return res.send({message: 'user qualifies', status: 'good'});   
        }else{
            req.session.user.qualifies= false;
            res.status(200);
            return res.send({message: "user fails to qualify", status: "bad"});
        }
    }
};

I then have this policy in api/policies/Qualifies.js

module.exports= function(req, res, next){
    if(req.session.user.qualifies){
        return next();
    }else{
        res.status(400);
        return res.send({status: 400, message: 'User does not qualify.'});
    }
};

Which I apply to my api/UserController.js

Only thing is that whenever I post from Ember to my UserController.create method I get an error from that policy saying cannot read property qualifies of undefined.

And if I sails.log.verbose(req.session) it's always empty at this point. No matter what I do.

I've enabled cors on my server, and my /config/cors.js has these options: 

module.exports.cors = {
   allRoutes: true,

   origin: 'http://localhost:4200',

   credentials: true,

   methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',

   headers: 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept'
};

In my ember adapter I have this: 

export default DS.RESTAdapter.extend({
    host: 'http://localhost:1337',
    ajax: function(url, method, hash){
        hash.crossDomain = true;
        hash.xhrFields = {withCredentials: true};
        return this._super(url, method, hash);
    }
});

Clearly I'm missing something important but I just don't know what, and I've run out of ideas for google queries. Why is my req.session always empty?

EDIT: These were asked for in comments:

Contents of /config/http.js:

module.exports.http = {
    middleware: {
        passportInit: require('passport').initialize(),
        passportSession: require('passport').session(),

        order: [
            'startRequestTimer',
            'cookieParser',
            'session',
            'passportInit',
            'passportSession',
            'myRequestLogger',
            'bodyParser',
            'handleBodyParserError',
            'compress',
            'methodOverride',
            'poweredBy',
            '$custom',
            'router',
            'www',
            'favicon',
            '404',
            '500'
        ]
}

And /config/session.js

module.exports.session = {
  secret: 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',

  cookie: {
    maxAge: 48 * 60 * 60 * 1000
  }
}

Upvotes: 14

Views: 1755

Answers (3)

tokosh
tokosh

Reputation: 1836

I just added session back into an existing Sails-app. In my case the problem was that the session was disabled via .sailsrc file (which of course took me some time to spot). In case of this issue: just remove the "session": false line from that file and session-property gets added.

Upvotes: 0

Daniel Izhar
Daniel Izhar

Reputation: 130

You need to add a Get in the custom controller.

So for example,

instead of: 

process_survey: function(req, res){
         console.log(req.session)
}

write: 

"Get process_survey": function(req, res){
         console.log(req.session)
}

Upvotes: 0

Lance Whatley
Lance Whatley

Reputation: 2455

I doubt this is still an issue since it's so old, but there are times in my ExpressJS apps where I use express-session (https://github.com/expressjs/session) and have to explicitly call req.session.save(callback) in order for the session to save back to the store I'm using. If there is an equivalent in passport's session support you might try to call it explicitly after updating values in the session.

Upvotes: 1

Related Questions