Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>
Idioma: En

req.session.user not "global" in my node.js project

req.session.user not "global" in my node.js project

Problem

After Authentication success req.session.user exists but when I try to call it to restrict access to a page its gone and of course restricts access when I dont want it to. I know its a scope problem but I can't figure it out.

    function restrict(req, res, next) {
  if (req.session.user) {
    next();
  } else {
    req.session.error = 'Access denied!';
    res.redirect('/accessdenied');
  }
}

// Add User Route
app.get('/addUser', restrict, function (req, res, next) 
  {res.render('addUser', {
                        title       : "SC Auds - Ad New User"
                     ,  author      : "Alan Swenson"
                     ,  description : "none"
                   });
                });



app.post('/login', function (req, res, next){

var checkuser = new User({
                      email     : req.body.user.email
                    , password  : req.body.user.password
                  });

 // checkuser.save(function(err) {
  // Successfully Logged In
User.getAuthenticated(checkuser.email, checkuser.password, function(err, user, reason) {

        if (err) {
          throw err;
        // Failed to work
          res.redirect('/error');
        }

        // login was successful if we have a user
        if (user) {
            // handle login success
            req.session.regenerate(function(){
            req.session.user = user;
            req.session.success = 'Authenticated as ' + user.email;
            res.redirect('/admin');
            console.log(req.session.user);
          });
        }

        // otherwise we can determine why we failed
        var reasons = User.failedLogin;
        console.log(User.failedLogin);
        switch (reason) {
            case reasons.NOT_FOUND:
            case reasons.PASSWORD_INCORRECT:
                // note: these cases are usually treated the same - don't tell
                // the user *why* the login failed, only that it did
                break;
            case reasons.MAX_ATTEMPTS:
                // send email or otherwise notify user that account is
                // temporarily locked
                break;

        }

    });



 });

Here is my app.js

/**
 * Module dependencies
 */

var express   = require('express'),
    routes    = require('./routes'),
    tasks     = require("./tasks"),
    mongoose  = require('mongoose');
    crypt     = require('bcrypt');
    RedisStore = require('connect-redis')(express);
    url =       require('url');


// Get yo' models
User = require("./models/user.js");
// Set up the app
app = express();
// Set up the server
var server = require('http').createServer(app);

//set up redis
var redisURL = 'redis://nodejitsu:nodejitsudb3022889634.redis.irstack.com:f327cfe980c971946e80b8e975fbebb4@nodejitsudb3022889634.redis.irstack.com:6379';
var redis = url.parse(redisURL);
console.log(redis);
/**
 * Configuration
 */

app.configure(function(){
  app.set('views', __dirname + '/views');
  app.set('view engine', 'jade');
  // Middle Ware
  app.use(express.favicon(__dirname + '/public/favicon.ico'));
  app.use(express.bodyParser());
  app.use(express.cookieParser());
  app.use(express.session({
    secret: "kaskjbabjkdfkabdfbkadbkjfasdfasdfrterterte",
    store: new RedisStore({ host: redis.hostname, port: redis.port, pass: redis.auth ? redis.auth.substring(redis.auth.indexOf(':') + 1) : null }),
    proxy: true,
    cookie: { secure: true}
  }));
  app.use(express.methodOverride());



  app.use(app.router);
  app.use(express.static(__dirname + '/public'));
  app.enable('trust proxy');
});

/**
 * Set up Listening Ports
 * Development & Production
 */

var port;
app.configure('development', function(){
  port = 3000;
  app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
 // mongoose.connect('mongodb://localhost/');
});

app.configure('production', function(){
  port = 80;
  app.use(express.errorHandler());
  // Production database connection string
   mongoose.connect('mongodb://nodejitsu:[email protected]:10096/nodejitsudb9995237560');
});

/**
 * Open Database
 */

var db = mongoose.connection;
db.on('error', console.error.bind(console, 'connection error:'));
db.once('open', function callback () {
  console.log('opened');
});

var models = {};

/**
 * Set up Routes
 */

// Main Route
app.get('/', routes.home);
// Additional Routes
require('./additionalRoutes')(app)


/**
 * Start Sever Listening
 */

server.listen(port, function(){
});


/*
 * Run background tasks here:
 */

// Run immediately
// tasks.myTask();

// Run periodically
// setInterval(tasks.myTask, 1000 * 60 * 10);
Problem courtesy of: aswen001

Related Articles

Solution

I figured it out. My cookie was expiring immediately because of the difference in time zones between my computer and the server. changed to expires: false

cookie: {   secure: true, 
                  path: '/',
                expires: false}
Solution courtesy of: aswen001

Discussion

View additional discussion.



This post first appeared on Node.js Recipes, please read the originial post: here

Share the post

req.session.user not "global" in my node.js project

×

Subscribe to Node.js Recipes

Get updates delivered right to your inbox!

Thank you for your subscription

×