passport google authentication non persistent

1
votes

I am having troubles building a persistent authentication system with google oauth2 using cookie sessions. I am using the following packages:

  • express
  • cookie-session
  • passport
  • passport-google-oauth2

This is my main app

const express = require('express');
const config = require('./config.json');
const cors = require('cors');
const cookieSession = require('cookie-session');
const passport = require('passport');
const path = require('path');
const auth = require('./middleware/auth.service');
const app = express();

app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cors());

app.use(cookieSession({
    name: 'session',
    keys: config.session.keys,
    secret: config.secretkey,
    cookie: {
        secure: false,
        httpOnly: true,
        path: 'cookie',
        expires: new Date(Date.now() + 60 * 60 * 1000 * 24 * 365)
    }
}))

passport.use(require('./middleware/passport.service'));

app.use(passport.initialize());
app.use(passport.session());

app.set('view engine', 'ejs');
app.set('views', path.join(__dirname, 'views'));
app.use(express.static(path.join(__dirname, 'views')));

app.use('/auth', auth.router);

app.get('/', auth.isAuthenticated, (req,res)=>{
    res.json(req.session.passport);
});

app.listen(3001,()=>{
    console.log("Listening on port 3001...");
});

Here is my authentication service:

const express = require('express');
const passport = require('passport');
const router = express.Router();

router.get('/login',(req,res)=>{
    res.render('login');
});

router.get('/google',
  passport.authenticate('google', { scope:
    [ 'email', 'profile' ] }
));

router.get('/google/failure',(req,res)=>{
    res.redirect('/auth/login');
});
 
router.get( '/google/callback',
    passport.authenticate( 'google', { failureRedirect: '/auth/google/failure', successRedirect: '/' }));

function isAuthenticated(req, res, next) {
    if(req.session.passport){
        next();
    } else {
        res.redirect('/auth/login');
    }
}

module.exports =  {
    router,
    isAuthenticated
}

Basically the authentication works but it's not persistent this means that when i close the browser the user session expires, do you know where i might be wrong?

1
node.jsexpresscookiesoauth-2.0passport.js

1 Answers

0
votes

I figured out the issue but i don't know why, basically i switched the package from cookie-session to express-session rearranged the session code and it started working, maybe there are some incompatibilities between passport and cookie-session that i don't know about??? anyway the following code works.

const express = require("express");
const config = require("./config.json");
const cors = require("cors");
var session = require("express-session");
const passport = require("passport");
const path = require("path");
const auth = require("./middleware/auth.service");
const app = express();

app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.set("trust proxy", 1);
app.use(cors());

app.use(
  session({
    secret: config.secretKey,
    resave: false,
    saveUninitialized: true,
    cookie: {
      secure: false,
      maxAge: 60 * 60 * 1000 * 24 * 365,
    },
  })
);

app.use(passport.initialize());
app.use(passport.session());

passport.use(require("./middleware/passport.service"));

app.set("view engine", "ejs");
app.set("views", path.join(__dirname, "views"));
app.use(express.static(path.join(__dirname, "views")));

app.use("/auth", auth.router);

app.get("/", auth.isAuthenticated, (req, res) => {
  res.json(req.session.passport);
});

app.listen(3001, () => {
  console.log("Listening on port 3001...");
});