TypeError: req.session.regenerate is not a function using Passport

Question

Hello I'm following the course Node with React full web stack, and I got a big issue, I don't know why it's showing up, or from what is showing up. my terminal shows this error :

req.session.regenerate(function(err) {
               ^ TypeError: req.session.regenerate is not a function

and my code looks like it

index.js

 const express = require("express");
 const mongoose = require("mongoose"); 
 const cookieSession = require("cookie-session");
 const passport = require("passport"); 
 const keys = require("./config/keys"); 
 require("./models/User");
 require("./services/passport");
 
mongoose.connect(keys.connect_url);

const app = express();

app.use(   cookieSession({
     maxAge: 30 * 24 * 60 * 60 * 1000,
     keys: [keys.cookieKey],   }) ); 
app.use(passport.initialize()); 
app.use(passport.session());

require("./routes/authRoutes")(app);
 
const PORT = process.env.PORT || 5000; 
app.listen(PORT);

passport.js

     const passport = require("passport"); 
     const GoogleStrategy = require("passport-google-oauth20").Strategy; 
     const mongoose = require("mongoose");
     const keys = require("../config/keys");
     
     const User = mongoose.model("users");
     
    passport.serializeUser((user, done) => {   done(null, user.id); });
 
    passport.deserializeUser((id, done) => {  
    User.findById(id).then((user) => {
       done(null, user);   }); });
    
    passport.use(new GoogleStrategy(
         {
           clientID: keys.googleClientId,
           clientSecret: keys.googleClientSecret,
           callbackURL: "/auth/google/callback",
         },
         (accessToken, refreshToken, profile, done) => {
           User.findOne({ googleId: profile.id }).then((existingUser) => {
             if (existingUser) {
               // we already have a record with the given profile ID
               done(null, existingUser);
             } else {
               // we don't have a user record with this ID, make a new record!
                new User({ googleId: profile.id })
               .save()
                 .then((user) => done(null, user));
             }
           });
         }   ) );

authRouters.js

        const passport = require("passport");
    
    module.exports = (app) => {
      app.get(
        "/auth/google",
        passport.authenticate("google", {
          scope: ["profile", "email"],
        })
      );
    
      app.get("/auth/google/callback", passport.authenticate("google"));
    
      app.get("/api/current_user", (req, res) => {
        res.send(req.user);
      });
    };

I really don't know from it issue comes in, I can say that is showing up when I'm going to localhost:5000/auth/google

Answer 1

What solved it for me was to switch from cookie-session to express-session.

Answer 2

With express jwt you can store the coockie as http only, I have it working now.

Answer 3

app.use(cookieSession({
    // ...
}))
// register regenerate & save after the cookieSession middleware initialization
app.use(function(request, response, next) {
  if (request.session && !request.session.regenerate) {
    request.session.regenerate = (cb) => {
      cb()
    }
  }
  if (request.session && !request.session.save) {
    request.session.save = (cb) => {
      cb()
    }
  }
  next()
})

Answer 4

I found philippkrauss's post of his suggested implementation to work while using passport 0.6.0.

app.use(cookieSession({
    // ...
}))
// register regenerate & save after the cookieSession middleware initialization
app.use(function(request, response, next) {
    if (request.session && !request.session.regenerate) {
        request.session.regenerate = (cb) => {
            cb()
        }
    }
    if (request.session && !request.session.save) {
        request.session.save = (cb) => {
            cb()
        }
    }
    next()
})

Answer 5

https://github.com/jaredhanson/passport/issues/907

npm uninstall passport

npm install passport@0.5

Answer 6

Am doing the same course, fix is there on udemy. From Udemy :

Passport v.0.6.0 is currently broken due to an incompatibility: https://github.com/jaredhanson/passport/issues/907

The maintainer suggests using the latest v0.5.0 until a fix is pushed out. Use:

npm uninstall passport

npm install passport@0.5

this worked fine for me.

Answer 7

I faced the problem not quite long also... it seems to be a problem with the cookie-session package... To resolve this I used the express-session

// install the package
npm install express-session

const session = require('express-session')

app.use(session({
   secret: 'somethingsecretgoeshere',
   resave: false,
   saveUninitialized: true,
   cookie: { secure: true }
}));

Answer 8

I think this error happens because the passport use req.session.regenerate() function internally (source code link), cookie-session has not regenerate method and therefor passport throws the error.

There is also an issue on the cookie-session GitHub page that is related to regenerate function (issue link).

If it is not important to keep the session on the client-side, you can keep it on the server-side, you can use express-session for this, then you will not get the above error.