Reputation: 1796
Node js session overwrite my first session
Hello guy's i m new in node js i created one demo app for multiple user with certain permission. My problem is when one user login in system its working fine but when other user login in system with another computer on same server its overwrite first user permission. i don't know how to solve this problem i searched on google and stackoverflow as well but did't got anything please help me. below is my code to for login and session management
var express = require('express');
var cookieParser = require('cookie-parser');
var session = require('express-session');
//app setup
var app = express();
//cookie parser
app.use(cookieParser());
//session
app.use(session({secret: '1234567890QWERTY',cookieName: 'session' }));
app.post('/users/loginAuthentication', function(req, res) {
var query = req.body;
var conditions = {email: query.username, password: query.password.toString(), is_delete: false, status: true};
userModel.findOne(conditions, function(err, admins) {
if (err) {
console.log(err.message);
} else {
if (!admins) {
res.end('{"success" : "not login", "status" : 400, "Auth" : "Failed"}');
} else {
req.session.admin = admins;
app.locals.checkAuth = req.session.admin.user_roles;
app.locals.USERNAME = req.session.admin.user_name;
res.end('{"success" : "Updated Successfully", "status" : 200, "Auth" : "Success"}');
}
}
});
});
for permission i doing something like this in my jade file
if (checkAuth == 'ADMIN')
li
a(href='/data')
i.fa.fa-plus-square-o.fa-fw
| table data
Upvotes: 0
Views: 1034
Answers (1)
Reputation: 1269
The problem happens because you are storing data within app.locals, that are persist throughout the life of the application.
Take a look at these lines:
app.locals.checkAuth = req.session.admin.user_roles;
app.locals.USERNAME = req.session.admin.user_name;
The properties "checkAuth" and "USERNAME" will be there until you stop your app (Ctrl+C for example).
In order to resolve the problem, you should store these properties in res.locals instead of app.locals;
Next question is how to pass them to view for Jade? You can try the following script (not tested!) :
app.use(function(req, res, next){
var render = res.render;
var resLocals = res.locals;
res.render = function(view, locals, cb){
locals.checkAuth = resLocals.checkAuth;
locals.USERNAME = resLocals.USERNAME;
render.call(res, view, locals, cb);
}
next();
});
The above block works as a regular ExpressJS midleware that copies the data from res.locals to app.locals before executing template engine behaviors.
*Addition:
Session data should be handled in controllers, within a request-response cycle. In real world, you should do something like this:
// homeController.js
function index(req, res){
var data = {
checkAuth: req.session.user_roles;
USERNAME: req.session.user_name;
}
res.render('yourJadeTemplateFile', data);
}
Upvotes: 2
Related Questions
- Express-session creates new session every request
- Express session resets on every request
- A Node.js express session is overwritten by another parallel session
- Express creating new session for each request
- Express session reset for every request
- Session variables in node express-session don't persist to the next request
- express session not persisting from page to page
- Why do I get a new session when I refresh the page (I created session after save())
- Node.js & Express session problem
- Session keeps resetting on Node.js Express