Two things. 1. cookieParser is commented because in the present state it's not a middleware, just a function that returns one (I think, didn't check it). If you used `app.use(cookieParser());` instead, I believe you would get your cookie.
2. Auth - you have the app.use(session()); in there. This is why your auth works. Basically, session will read it's own cookie, even if you don't parse it for other stuff, like reading data in your request (you shouldn't, anyway). On a side note, you might want to consider removing cookies completely - just return an auth-token on login response instead of session and cookies. Then the client only has the token and you don't manage client state. There is even passport stuff for this. On Monday, May 11, 2015 at 7:58:21 PM UTC+2, joel wrote: > > I am working on existing code base that someone else wrote. it's > Angular+Node.js. > I am trying to split it into 2 apps - serving angular with nginx and API > service using Node.js. > > I have nginx as a reverse proxy. the angular is running on port 3001 and > the API on 3000. > The problem is after a successful login (using passport local strategy), > the next API is being called with no cookie in the request (I see it in the > chrome console). > Afret reading https://github.com/jaredhanson/passport/issues/12 I added . > my-site.com to the express session middleware but it's still not working. > any tips? > > Thanks! > > var express = require('express'); > var favicon = require('serve-favicon'); > var logger = require('morgan'); > // var cookieParser = require('cookie-parser') > var bodyParser = require('body-parser'); > var session = require('express-session'); > var allowCrossDomain = require('./allow_cross_domain.js'); > var app = express(); > > // middelwares > > // app.use(cookieParser); // i am not sure why it's commented. if i > uncomment this things don't work. > app.use(bodyParser.json()); > app.use(bodyParser.urlencoded({ extended: false })); > app.use(session({secret: 'sBio', cookie: {maxAge: 4320000, domain: '. > my-site.com'}, resave:false, saveUninitialized:false})); > app.use(allowCrossDomain); > > // routes > ... > ... > ... > > > -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+unsubscr...@googlegroups.com. To post to this group, send email to nodejs@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/669774aa-3433-4fd9-a177-56228c456caa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
