1

I have a problem trying to create an APIRest with express.

Currently, I have register and login working correctly using MongoDB and passport, the problem is that when I login, I need the API to understand that the user is still logged in, so I'm using:

//Session
app.use(session({
    secret: 'keyboard cat',
    resave: false,
    saveUninitialized: true,
    cookie: { httpOnly: false, maxAge: null, secure: false },
    store: new MongoStore({
        url: configDB.url,
        collection: 'sessions'
    })
}));

To check if the user is authenticated, i'm using:

//Confirm Login status
app.get('/api/loggedin', function (req, res) {
    return res.send(req.isAuthenticated() ? req.user : 'Not Logged!');
});

With the function:

function IsAuthenticated(req, res, next) {
    if (req.isAuthenticated()) {
        next();
    } else {
        next(res.send('Sorry!'));
    }
}

Using Postman, it works just fine, I can see te cookie "connect.sid". But when I login from angularjs using this endpoint, the cookie is not beeing set, and basically, it does not work, returns "Not Logged!".

PS: I'm using ionic as my framework. My node API server is under Azure webapp.

Any question lt me know guys, thanks so far!

Yoan
  • 2,158
  • 1
  • 12
  • 21
William Xavier
  • 478
  • 3
  • 20
  • is your html being served from the same domain as your api? – Ryan Dec 27 '16 at 23:55
  • @Ryan No, it is beeing served on the localhost, it will become an mobile app later – William Xavier Dec 27 '16 at 23:59
  • it is probably a CORS issue, make sure that withCredentials: true is set for all http requests. http://stackoverflow.com/questions/16882245/http-request-doesnt-send-cookies-cross-domain-in-angular-cors – Ryan Dec 27 '16 at 23:59
  • @Ryan i can see that set-cookie is present when i make the call, but when i go to application tab on chrome console, the cookie is not there – William Xavier Dec 28 '16 at 00:31

0 Answers0