Question 117779 in Mongodb Question posted in
The official documentation can be found here.

Mongodb – "Login sessions require session support. Did you forget to use `express-session` middlewar?"

Learning node.js encountered this error "Login sessions require session support. Did you forget to use express-session middlewar?" Has anyone encountered this specific error when creating a Node.js project and, if so, what did you do to solve?

const express = require('express');

const cors = require('cors');

const bodyParser = require('body-parser');

const mongoose = require('mongoose');

const passport = require('passport');

const path = require('path');

const config = require('./config/db');

const account = require('./routes/account');

const session = require('express-session');

const app = express();

const port = 3000;

app.use(passport.initialize());
app.use(passport.session());

require('./config/passport')(passport);

app.use(cors());

app.use(bodyParser.json());


mongoose.connect(config.db);

mongoose.connection.on('connected', () => {
    console.log("Successful connection to the database")
});

mongoose.connection.on('error', (err) => {
    console.log("Not successful connection to the database")
});


app.listen(port, () => {
    console.log("The server was running on the port: " + port)
});

app.get('/', (req,res) => {
    res.send("Home page")
});

app.use('/account', account);


const express = require('express');

const router = express.Router();

const User = require('../models/user');

const passport = require('passport');

const jwt = require('jsonwebtoken');

const config = require('../config/db');


router.post('/reg', (req,res) => {
    let newUser = new User({
        name: req.body.name,
        email: req.body.email,
        login:req.body.login,
        password: req.body.password,
    }); 





    User.addUser(newUser, (err, user) => {
        if(err) {
            res.json({success: false, msg: "User has not been added."})
        }
        else {
            res.json({success: true, msg: "User has been added"})
        }
    })
});



router.get('/auth', (req,res) => {
    res.send("Login page")
});

router.get('/dashboard', passport.authenticate('jwt', {session : false}), (req,res) => {
    res.send("Dashboard")
});

module.exports = router;
Tags:

4

Answers


  1. 0

    The error is asking a relevant question: "Did you forget to use express-session middleware?".

    And indeed, you’re loading passport.session() but you’re not using express-session, which is a requirement.

    To fix it, use express-session before using passport.session():

    app.use(session({ … }));
app.use(passport.initialize());
app.use(passport.session());
    Login or Signup to reply.
  2. 0

    I faced same problem. But the real problem lied in the "passport" version compatibility with JWT module. By downgrading from passport 0.8.0 to 0.4.0 the issue was easily resolved. My code worked fine with the following configuration:

    "passport": "^0.4.0",
"passport-jwt": "^4.0.0",
"passport-local": "^1.0.0",
"passport-local-mongoose": "^5.0.1",
"session-file-store": "^1.5.0"
    Login or Signup to reply.
  3. 0

    I don’t have a high enough reputation to add a comment to the answer telling you to downgrade your passport version, but doing so can introduce vulnerabilities…

    Instead, look at https://www.npmjs.com/package/passport and see if your app has this: (version 0.6.0)

    var app = express();
app.use(require('serve-static')(__dirname + '/../../public'));
app.use(require('cookie-parser')());
app.use(require('body-parser').urlencoded({ extended: true }));
app.use(require('express-session')({ secret: 'keyboard cat', resave: true, saveUninitialized: true }));
app.use(passport.initialize());
app.use(passport.session());

    For me, the fix was telling express to use ‘express-session’.

    Login or Signup to reply.
  4. 0

    I got this error when I’m using passport google Oauth and JWT token without session. In order to solve this error, I had to set the session to false in google callback. Here is my example:

      router. Get(
    "/googleLogin/callback",
    passport.authenticate("google", {
      session: false,
      failureRedirect: frontEndUrl + "/user/login",
    }),
    expressAsyncHandler((req, res) => {
      setAccessTokenCookie(req.user, res);
      res.redirect(frontEndUrl);
    })
  );
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search