Closed
Description
I have set up passport to use a custom authentication scheme, but for arguments sake, imagine it authenticates any user to the app. I have a 'landing' page with a login button that issues a post, handled as follows:
app.post('/:id/landing', function (req, res, next) {
passport.authenticate('myAuth', function (err, user) {
if (err || !user) {
return res.redirect('/' + req.params.id + '/landing' + req.body.redirectTo);
} else {
req.logIn(user, function () {
return res.redirect('/' + req.params.id + '/' + req.body.redirectTo);
});
}
})(req, res, next);
});
later, a route handler matches the redirect:
app.all('/:id/', function (req, res) {
if (req.isAuthenticated()) {
res.sendFile('index.html', {root: __dirname + '/../frontend/'});
} else {
// Instead of redirecting to /landing, simply render it.
// this gets round safari issue with losing url fragments during a redirect:
// https://bugs.webkit.org/show_bug.cgi?id=24175
//
res.render('landing', {message: '', previousID: '/' + req.params.id});
}
});
9 times out of ten, this all works fine, but occasionally req.isAuthenticated will return false. If I put some logging in, I can see that before the redirect I have a valid req.user object, but then in the second route handler following the redirect, req.user is undefined. Sometimes it works, sometimes it doesn't! (When it does work, req.user IS defined in the second route handler) Is this issue the same as others have reported around the user not being serialised correctly?
Metadata
Metadata
Assignees
Labels
No labels