Express JS session value undefined? - javascript

let createError = require("http-errors");
let express = require("express");
let path = require("path");
let cookieParser = require("cookie-parser");
let logger = require("morgan");
const session = require("express-session");
let fileStore = require("session-file-store")(session);
const oneDay = 1000 * 60 * 60 * 24;
// Routers
let indexRouter = require("./routes/index");
let usersRouter = require("./routes/users");
let loginPage = require("./routes/login");
let app = express();
// System settings
app.set("views", path.join(__dirname, "views"));
app.set("view engine", "ejs");
app.set("trust proxy", 1);
app.use(logger("dev"));
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, "public")));
app.use(
session({
secret: "SECRET_KEY_FOR_SESSION",
saveUninitialized: true,
resave: false,
cookie: { maxAge: oneDay, secure: !true },
store: new fileStore(),
})
);
app.use("/", indexRouter);
app.use("/login", loginPage);
app.use("/users", usersRouter);
app.get("/createSession", (req, res, next) => {
res.send("This is sessionCreate file");
let mysession = req.session.save;
mysession.data = "LOGIN";
res.end;
});
app.get("/getSession", (req, res, next) => {
let getsession = req.session;
res.send(`${getsession.data}`);
res.end;
});
// catch 404 and forward to error handler
app.use(function (req, res, next) {
next(createError(404));
});
// error handler
app.use(function (err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get("env") === "development" ? err : {};
// render the error page
res.status(err.status || 500);
res.render("error");
});
module.exports = app;
getsession.data === undefined?
I uploaded a variable to the session but it was not detected?
All system settings are set correctly but what is the error? Session => The session is being saved to a storage folder but cannot be read.
session_saved_folder
Specifies the boolean value for the Secure Set-Cookie attribute. When truthy, the Secure attribute is set, otherwise it is not. By default, the Secure attribute is not set.
Note be careful when setting this to true, as compliant clients will not send the cookie back to the server in the future if the browser does not have an HTTPS connection.
Please note that secure: true is a recommended option. However, it requires an https-enabled website, i.e., HTTPS is necessary for secure cookies. If secure is set, and you access your site over HTTP, the cookie will not be set. If you have your node.js behind a proxy and are using secure: true, you need to set "trust proxy" in express:

Related

Deploying app to Heroku, ENV variables not wokring

I have recently deployed my node js app to Heroku and am having some trouble getting my app to work. My app loads but when i try to sign in it breaks. As far as I can tell is the environment variable are not loading correctly for some reason. The db variable is a string taken from my .ENV file and is the Monogo URI used to connect to mongo db. For some reason when heroku runs it process.env.MongoURI is coming undefined. Does anybody know why this might be happening?
The specific error I am getting is.
Error
MongooseError: The `uri` parameter to `openUri()` must be a string, got "undefined". Make sure the first parameter to `mongoose.connect()` or `mongoose.createConnection()` is a string.
App.js
/* eslint-disable no-unused-vars */
/* eslint-disable comma-dangle */
/* eslint-disable no-console */
/* eslint-disable arrow-parens */
const createError = require('http-errors');
const express = require('express');
const expressLayouts = require('express-ejs-layouts');
const path = require('path');
const cookieParser = require('cookie-parser');
const logger = require('morgan');
const mongoose = require('mongoose');
const flash = require('connect-flash');
const session = require('express-session');
const passport = require('passport');
const dotenv = require('dotenv');
dotenv.config();
const indexRouter = require('./server/index');
const port = process.env.PORT || 3000;
const app = express();
require('./server/config/passport')(passport);
// DB Config
const db = process.env.MongoURI;
mongoose.connect(db, { useNewUrlParser: true, useUnifiedTopology: true }) // I beleieve this is the line that is breaking the code.
.then(() => { console.log('MONGODB Connected'); })
.catch(err => console.log(err));
app.use(expressLayouts);
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(session({
secret: 'secret',
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
app.use((req, res, next) => {
res.locals.success_msg = req.flash('success_msg');
res.locals.error_msg = req.flash('error_msg');
res.locals.error = req.flash('error');
next();
});
app.use('/', indexRouter);
// catch 404 and forward to error handler
app.use((req, res, next) => {
next(createError(404));
});
// error handler
app.use((err, req, res, next) => {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
});
app.listen(port, () => {
console.log(`Running on port ${port}`);
});
module.exports = app;
You probably should use Heroku's built in environment variable editor for this purpose.
First of all, make sure that your .env is added to your .gitignore file. When you deploy your project to heroku, it will automatically adapt to the variables on its new host.
Find more: https://devcenter.heroku.com/articles/node-best-practices#be-environmentally-aware

Node JS session errors: express-session deprecated

When running my app.js I get this in the terminal:
express-session deprecated undefined resave option; provide resave option node_modules\admin-bro-expressjs\plugin.js:176:14
express-session deprecated undefined saveUninitialized option; provide saveUninitialized option node_modules\admin-bro-expressjs\plugin.js:176:14
express-session deprecated req.secret; provide secret option node_modules\admin-bro-expressjs\plugin.js:176:14
express-session deprecated req.secret; provide secret option app.js:34:5
this is what I have in my process.env :
SESSION_SECRET = "This is my final project of undergrad!"
when I try to load the page on localhost this is what I get so it won't let me see any of my webpage work:
secret option required for sessions
Error: secret option required for sessions
at session (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\express-session\index.js:200:12)
at Layer.handle [as handle_request] (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\express\lib\router\layer.js:95:5)
at trim_prefix (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\express\lib\router\index.js:317:13)
at C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\express\lib\router\index.js:284:7
at Function.process_params (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\express\lib\router\index.js:335:12)
at next (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\express\lib\router\index.js:275:10)
at SendStream.error (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\serve-static\index.js:121:7)
at SendStream.emit (events.js:315:20)
at SendStream.error (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\send\index.js:270:17)
at SendStream.onStatError (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\send\index.js:421:12)
at next (C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\send\index.js:764:28)
at C:\Users\lil_s\Downloads\Rich Internet Applications Spring 2021\EAZ6NEJsports\EAZ6NEJsports-master\node_modules\send\index.js:772:23
at FSReqCallback.oncomplete (fs.js:183:21)
Here is app.js below in full as requested by Deepak on their comment:
const dotenv = require("dotenv").config();
const createError = require("http-errors");
const express = require("express");
const path = require("path");
const cookieParser = require("cookie-parser");
const logger = require("morgan");
const mongoose = require("mongoose");
const session = require("express-session");
const passport = require("passport");
const flash = require("connect-flash");
const Category = require("./models/category");
var MongoStore = require("connect-mongo")(session);
const connectDB = require("./config/db");
const app = express();
require("./config/passport");
// mongodb configuration
connectDB();
// view engine setup
app.set("views", path.join(__dirname, "views"));
app.set("view engine", "ejs");
// admin route
const adminRouter = require("./routes/admin");
app.use("/admin", adminRouter);
app.use(logger("dev"));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, "public")));
app.use(
session({
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: false,
store: new MongoStore({
mongooseConnection: mongoose.connection,
}),
//session expires after 3 hours
cookie: { maxAge: 60 * 1000 * 60 * 3 },
})
);
app.use(flash());
app.use(passport.initialize());
app.use(passport.session());
// global variables across routes
app.use(async(req, res, next) => {
try {
res.locals.login = req.isAuthenticated();
res.locals.session = req.session;
res.locals.currentUser = req.user;
const categories = await Category.find({}).sort({ title: 1 }).exec();
res.locals.categories = categories;
next();
} catch (error) {
console.log(error);
res.redirect("/");
}
});
// add breadcrumbs
get_breadcrumbs = function(url) {
var rtn = [{ name: "Home", url: "/" }],
acc = "", // accumulative url
arr = url.substring(1).split("/");
for (i = 0; i < arr.length; i++) {
acc = i != arr.length - 1 ? acc + "/" + arr[i] : null;
rtn[i + 1] = {
name: arr[i].charAt(0).toUpperCase() + arr[i].slice(1),
url: acc,
};
}
return rtn;
};
app.use(function(req, res, next) {
req.breadcrumbs = get_breadcrumbs(req.originalUrl);
next();
});
//routes config
const indexRouter = require("./routes/index");
const productsRouter = require("./routes/products");
const usersRouter = require("./routes/user");
const pagesRouter = require("./routes/pages");
app.use("/products", productsRouter);
app.use("/user", usersRouter);
app.use("/pages", pagesRouter);
app.use("/", indexRouter);
// catch 404 and forward to error handler
app.use(function(req, res, next) {
next(createError(404));
});
// error handler
app.use(function(err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get("env") === "development" ? err : {};
// render the error page
res.status(err.status || 500);
res.render("error");
});
var port = process.env.PORT || 3000;
app.set("port", port);
app.listen(port, () => {
console.log("Server running at port " + port);
});
module.exports = app;
If there is anything else you need me to provide to help, please let me know! Thanks in advance everybody!
I discovered today that repl.it stopped parsing .env files, so you have to add your environment variables to the secrets section instead.

node-postgres queries not returning anything in Express routes async routes

I'm trying to run a simple query from an express route:
var router = require('express-promise-router')()
const { Pool } = require('pg')
const pool = new Pool({
user: 'user',
password: 'password',
host: 'host',
port: 1234,
database: 'db'
})
router.get('/', async (req, res) => {
console.log('OK')
try {
const { rows } = await pool.query('Select VERSION()')
console.log(rows)
}
catch(e) {
console.log(e)
}
console.log('DONE')
})
module.exports = router
'OK' Prints after sending the request but rows, e, or 'DONE' never print. I'm following the async/await method directly from https://node-postgres.com/guides/async-express.
I've also came across a thread for koa-router where people were having issues with async await calls because of some middle-ware they added that wasn't synchronous
https://github.com/ZijianHe/koa-router/issues/358.
I'm not sure what middle-ware would cause this but here's my app.js that initializes all middle-ware:
var createError = require('http-errors');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
var cors = require("cors");
var indexRouter = require('./routes/index');
var usersRouter = require('./routes/users');
var dataRouter = require("./routes/data");
var uploadRouter = require("./routes/upload")
var fundingRouter = require('./routes/chartData/fundingOverview')
var testRouter = require('./routes/test')
var authRouter = require('./routes/auth')
var session = require('express-session')
var MongoStore = require('connect-mongo')(session)
var passport = require('passport')
const config = require('config')
const mongo = config.get('mongo')
const mongoose = require('mongoose')
mongoose.connect(mongo, {
useUnifiedTopology: true,
useNewUrlParser: true,
useFindAndModify: false
}).then(res => {
console.log('connected')
}).catch(err => {
console.log(err)
})
var express = require('express');
const mountRoutes = require('./routes')
var app = express();
const bodyParser = require('body-parser')
app.use(bodyParser.json())
mountRoutes(app)
app.use(cors())
var sessionMiddleWare = session({
secret: 'top session secret',
store: new MongoStore({ mongooseConnection: mongoose.connection }),
resave: true,
saveUninitialized: true,
unset: 'destroy',
cookie: {
httpOnly: false,
maxAge: 1000 * 3600 * 24,
secure: false, // this need to be false if https is not used. Otherwise, cookie will not be sent.
}
})
app.use(sessionMiddleWare)
// Run production React server on Node server
if(process.env.NODE_ENV === 'production') {
app.use(express.static('client/build'))
app.get('*', (req, res) => {
res.sendFile(path.resolve(__dirname, 'client', 'build', 'index.html'))
})
}
// End Run production React Server on Node Server
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({
extended: false
}));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
// app.use('/upload', uploadRouter)
// app.use('/', indexRouter);
// app.use('/users', usersRouter);
// app.use('/data', dataRouter)
// app.use('/funding', fundingRouter)
// app.use('/login', usersRouter)
// app.use('/auth', authRouter)
// catch 404 and forward to error handler
// app.use(function(req, res, next) {
// next(createError(404));
// });
// error handler
app.use(function(err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
});
module.exports = app;
I'm mounting the routes directly after body parser. That's the only middle-ware that's called before the routes and is required in order for me to get data into the back end.
I'm able to execute that simple query by putting it into a script file and running 'node test.js' (I.E without the router) and it works fine so I know it's not a problem with node-postgre.
I know this is a problem with the call stack not being totally synchronous but I'm confused as to what's not at this point. I even made the axios call on the front-end async/await with no luck (I don't think it was necessary though).
Any guidance would be help a lot.
EDIT:
I created a fresh express skeleton and hooked my front-end to make a call to a route on the new express server with the same code, it worked. It led me to discover the call wasn't being completed because I was running the server with Nodemon. When I start the server using 'yarn start' the async calls get processed correctly. The question now is what in nodemon makes async router calls not work?
You need to finish the request/response cycle in your middleware.
So in your code:
router.get('/', async (req, res) => {
console.log('OK')
try {
const { rows } = await pool.query('Select VERSION()')
console.log(rows)
res.status(200).json(rows)
}
catch(e) {
console.log(e)
res.status(500).json(e)
}
console.log('DONE')
})

Twitter Oauth Node.js Express console.log not showing

I am using the following code to implmenet twitter Oauth in node.js. The token and tokenSecret are not showing up in the console.
Everything else is working correctly, like the login, authentication, and callback functions.
All I see in the console are the access logs like the following:
GET / 304 197.320 ms - -
GET /stylesheets/style.css 304 2.092 ms - -
GET /auth/twitter 302 404.252 ms - 0
All I want to do is show the access token and access secret of the authenticated user.
var createError = require('http-errors');
var express = require('express');
var session = require('express-session');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
var passport = require('passport');
var TwitterStrategy = require('passport-twitter').Strategy;
var config = require('./config');
var indexRouter = require('./routes/index');
var usersRouter = require('./routes/users');
var app = express();
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use(session({
secret: 'secret-key',
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.use(passport.session());
// passport-twitter settings
passport.use(new TwitterStrategy({
consumerKey: config.consumerKey,
consumerSecret: config.consumerSecret,
callbackURL: config.callbackURL
},
// After authentication
function(token, tokenSecret, profile, done) {
console.log("token: " + token);
console.log("tokenSecret: " + tokenSecret);
return done(null, profile);
}
));
// Save to session
passport.serializeUser(function(user, done) {
done(null, user);
});
passport.deserializeUser(function(user, done) {
done(null, user);
});
app.use('/', indexRouter);
app.use('/success', usersRouter);
app.get('/auth/twitter', passport.authenticate('twitter'));
app.get('/auth/twitter/callback',
passport.authenticate('twitter', { failureRedirect: '/?auth_failed' }),
function (req, res) {
res.redirect('/success');
});
// catch 404 and forward to error handler
app.use(function(req, res, next) {
next(createError(404));
});
// error handler
app.use(function(err, req, res, next) {
// set locals, only providing error in development
res.locals.message = err.message;
res.locals.error = req.app.get('env') === 'development' ? err : {};
// render the error page
res.status(err.status || 500);
res.render('error');
});
module.exports = app;
I set the callback url in the twitter app page to "http://localhost:3000/auth/twitter/callback" and it worked.

NodeJS + Express: share session across multiple routes

I have an Express web application with some routes. The routes need to share the session when the web app interacts with users. The routes are declared in separate js files from the app.js.
In my app.js
var createError = require('http-errors');
var express = require('express');
var parseurl = require('parseurl')
var session = require('express-session')
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
var p_conf = require('./parse_config');
// Declare routes here
var indexRouter = require('./routes/index'); // index route
var usersRouter = require('./routes/users'); // user route
var itemRouter = require('./routes/items'); // item route
var app = express();
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
// set up express-session
var sessionMiddleware = session({
secret: 'keyboard cat',
resave: true,
saveUninitialized: true
});
app.use('/', indexRouter);
app.use('/users', usersRouter);
app.use('/items', itemRouter);
// Assign an object to the session
app.use(function (req, res, next) {
req.session.test = "test";
next();
});
module.exports = app;
In my item.js for the item route:
const path = require('path');
const express = require('express');
const fetch = require('node-fetch');
const router = express.Router();
const p_conf = require('../parse_config');
const db_item = require('../db/db_item');
/* GET route root page. */
router.get('/', function(req, res, next) {
// Get the object in the session
console.log(req.session.test);
db_item.getItems()
.then(function(result) {
if (typeof result === "object")
return res.send(result["results"]);
else
return res.send(JSON.stringify({ "Error": String(result) }));
})
.catch((err) => {
return next(err);
})
});
module.exports = router;
In the app.js the session is created and assigned with a test object when the web app is initialised. The item route is supposed to get the same session and retrieve the test object. However, req.session.test is always undefined when the route root is accessed.
How can the item and user routes access the session and share the session scoped objects across?
Try changing the order of declaring routes and session in app.js. Also, need to use sessionMiddlware (app.use) before using session.
var sessionMiddleware = session({
secret: 'keyboard cat',
resave: true,
saveUninitialized: true
});
app.use(sessionMiddleware);
app.use(function (req, res, next) {
req.session.test = "test";
next();
});
app.use('/', indexRouter);
app.use('/users', usersRouter);
app.use('/items', itemRouter);

Categories