Node.js not persisting redirect URL in session variable set in middleware

Question

app.js

const express = require('express');
const chalk = require('chalk');
const app = express();
const debug = require('debug')('app')
const path = require('path');
const morgan = require('morgan');
const passport = require('passport');
const cookieParser = require('cookie-parser');
const session = require('express-session');


const sessionRouter=require('./src/routers/routerSession');
const adminRouter = require('./src/routers/routerAdmin');
 const authRouter = require('./src/routers/routerAuth');
 const {
 saveOriginalUrl,
 ensureAuthenticated,
} = require("./src/config/middlewares");
  const PORT = process.env.PORT || 3000;

app.use(morgan('tiny'));
app.use(express.static(path.join(__dirname,'/public/')));
app.use(express.json());
app.use(express.urlencoded({extended:false}));
app.use(cookieParser());
app.use(
 session({
secret: "globomantics",
resave: false,
saveUninitialized: true, // Make sure to save uninitialized sessions
cookie: {
  secure: false, //setting this false for http connections
  maxAge: 3600000,
  expires: new Date(Date.now() + 3600000),
}, 
})
);

require('./src/config/passport.js')(app)

app.set('views','./src/views');
app.set('view engine','ejs')




app.use('/admin', adminRouter);
app.use('/auth',authRouter);

app.use("/sessions", saveOriginalUrl, ensureAuthenticated, sessionRouter);

middlewares.js

function saveOriginalUrl(req, res, next) {
  console.log("saveOriginalUrl");
  if (!req.user && req.originalUrl) {
    console.log("Saving original URL:", req.originalUrl);
req.session.returnTo = req.originalUrl;
 }
 next();
}

 function ensureAuthenticated(req, res, next) {
   console.log("EnsureAuthenticated called, session:", req.session);
if (req.isAuthenticated()) {
  return next();
 }

 res.render("./signin"); // Redirect to login page if not authenticated
 }

  module.exports = {
   saveOriginalUrl,
   ensureAuthenticated,
 };

routerAuth.js

      authRouter
     .route("/signin")
     .get((req, res) => {

    res.render("signin");
   })
  .post(
      passport.authenticate("local", { failureRedirect: "/" }), // Only handle 
failureRedirect
(req, res) => {
  console.log("Session before redirect:", req.session);
  // After successful authentication, handle the redirect manually
  const redirectTo = req.session.returnTo || "/auth/profile"; // Default to "/auth/profile" if no returnTo
  console.log("Redirecting to:", req.session.returnTo);
  delete req.session.returnTo; // Clean up the session after redirecting
  res.redirect(redirectTo);
  }
 );

 module.exports = authRouter;

So the code is working fine except for the fact that my session variable is redierctTo being set inside the middleWares.js is undefined after authentication and my page is redirected to the default path 'auth/profile' what am i doing wrong here?

Answer 1

After several seeral search and failed posting of question. i found a rudimentary way to persist my session value after the passport.authenticate() . This is how I modified my signIn route to acheive it.

authRouter
 .route("/signin")
 .get((req, res) => {
if (!req.session.returnTo) {
  req.session.returnTo = req.query.returnTo || "/auth/profile"; // Default value
}
console.log("Stored returnTo in session one:", req.session.returnTo);
res.render("signin");
})
.post(
(req, res, next) => {
  // Store returnTo in a local variable
  const returnTo = req.session.returnTo || "/auth/profile";
  req.session.returnTo = returnTo; // Ensure it's in the session too
  console.log("Session before authentication:", req.session.returnTo);

  // Save the value into res.locals to persist through Passport
  res.locals.returnTo = returnTo;

  next(); // Proceed to Passport authentication
},
passport.authenticate("local", { failureRedirect: "/" }), // Handle failure
(req, res) => {
  // After successful authentication, use res.locals.returnTo
  const redirectTo = res.locals.returnTo || "/auth/profile"; // Default to "/auth/profile"
  console.log("Redirecting to:", redirectTo);

  delete req.session.returnTo; // Optionally clean up the session after redirecting
  res.redirect(redirectTo);
}

);