I’ve got a rather strange problem with my code on production server. On my MacOS it works perfectly, but when I deploy my app, I cannot login. After debug, I’ve found that I cant load session from req-object. Here’s the code of all main parts (settings,, login page and main page after login)
//SETTINGS
var express = require('express');
var app = express.createServer();
var mongo = require('mongodb'),
Server = mongo.Server,
Db = mongo.Db,
ObjectID = require('mongodb').ObjectID;
var BSON = require('mongodb').BSONPure;
var RedisStore = require('connect-redis')(express);
//connecting to mongo
var server = new Server('localhost', 27017, {
auto_reconnect: true
});
var db = new Db('metadocs-node_db', server);
//setting express app
app.set('view engine', 'ejs');
app.configure(function () {
app.use("/static", express.static(__dirname + '/static'));
app.use(express.bodyParser());
app.use(express.cookieParser());
app.use(express.session({
secret: "meta-meta",
store: new RedisStore
}));
app.use(express.methodOverride());
});
//login page - POST for /login page
app.post('/login', function (req, res) {
db.collection("users", function (err, collection) {
collection.findOne({
username: req.body.username
}, function (err, doc) {
if (doc && doc.password == req.body.password) {
req.session.user_id = doc._id;
res.redirect('/');
} else {
res.render('login.ejs', {
success_login: 1
});
}
});
});
});
//GET INDEX PAGE - only after login
app.get('/', loadUser, function (req, res) {
db.collection("companies", function (err, collection) {
collection.count(function (err, count) {
res.render('index.ejs', {
total_companies: count,
current_user: req.currentUser['username']
});
});
});
});
//loadUser() is function that creates/loads user session if possible
function loadUser(req, res, next) {
if (req.session.user_id) {
db.collection("users", function (err, collection) {
collection.findOne({
_id: new ObjectID(req.session.user_id)
}, function (err, user) {
if (user) {
req.currentUser = user;
next();
} else {
res.redirect('/login');
}
});
});
} else {
res.redirect('/login');
}
}
Here’s the problem code line:
if (req.session.user_id) {
in loadUser() function. The problem is req.session.user_id is empty – I’ve found it out while debugging every line step-by-step. What I’m doing wrong? It works on my Mac, but does’t work on Ubuntu.
I have tried the server you gave the address for at another post for this same problem. Cookies are set without any problems. I logged in successfully. However, one thing caught my attention: expiration time. It is 6/26/12 23:18 GMT now and your cookie expiration is set to 27 Jun 2012 03:18 GMT, which leaves only 4 hours before cookie is expired.
It is perfectly okay to set cookies that will expire in 4 hours; unless your server or a client has wrong date/time or timezone set. Could you please make sure that the working/non-working clients and of course your server have the correct date/times and time zones set up? I believe this is probably the reason of your problem.
On systems I develop, I give cookies expiration times for one year. I validate session on server side without depending on cookie expiration. I do not use connect for cookie and session management since I am always more comfortable doing these things myself. However you can do the same thing while you are still using connect. At session settings, you should set maxAge for cookie to a higher value:
Below code is copied from connect documentation. I have just added maxAge parameter on third line, setting expiration to one day.
I hope your problem is solved with this.