I have two APIs. When I hit the first API from Atom, I am setting a parameter in the session, which is successful. But when I hit the second API and try to get the session via req.session, it creates a new session instead of giving me the previous session. How do I get the session and the parameter I set in the first API in the second API?

Below is my first API code, in which I am setting the session parameter.

function firstAPI(req, res) { // This is a POST API
    // Declare locally; the original assigned to an implicit global
    var session = req.session;
    // Doing something with req
    session.message = "my message";
    sails.log.info("session " + JSON.stringify(session));
    res.send("session is set");
}

In the terminal I am getting the following session

session {"cookie":{"originalMaxAge":180000,"expires":"2017-02-28T05:03:25.304Z","httpOnly":true,"path":"/"},"message":"my message"}

Below is my second API code, in which I am trying to retrieve the session.

function secondAPI(req, res) {
    sails.log.info("session= " + JSON.stringify(req.session));
}

The log for the second API is

session= {"cookie":{"originalMaxAge":180000,"expires":"2017-02-28T05:04:18.623Z","httpOnly":true,"path":"/"}}

Following is my config/session.js file

module.exports.session = {

    secret: '123abc',

    cookie: {
        maxAge: 3 * 60 * 1000,
    },

    adapter: 'redis',

    host: 'localhost',
    port: 6379,
    db: 0,
    prefix: 'sess:',
};

You can see I have set the cookie time to 3 minutes, and in between I hit the second API. Can anyone find any mistake in this?

1 Answer

The second request must send the cookie set by the first request (in the Cookie header) in order to retrieve the session.

Browsers, as clients, send the cookies set for the domain by default. For other clients, like cURL, this needs to be specified. If you specifically want to use Atom, check whether/how it supports sending cookies.

See Cookies & sessions:

Sessions are server-side files that contain user information, while Cookies are client-side files that contain user information. Sessions have a unique identifier that maps them to specific users. This identifier can be passed in the URL or saved into a session cookie.

Most modern sites use the second approach, saving the identifier in a Cookie instead of passing it in a URL (which poses a security risk). You are probably using this approach without knowing it.

Sangharsh
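The lookup the answer describes, as an added example that is not part of the original post or Sails' own code: a small in-memory model of what session middleware does on each request, showing the second request with and without the cookie from the first. The cookie name `sails.sid`, the `Map` standing in for Redis, and the counter-based ids are assumptions made for the illustration.

```javascript
// Model of a cookie-backed session lookup (illustration only, not Sails code).
const store = new Map();   // stands in for the Redis session store
let counter = 0;

// Parse a Cookie request header into {name: value}.
function parseCookies(header) {
  const out = {};
  for (const part of (header || '').split(';')) {
    const i = part.indexOf('=');
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Per request: find the session named by the cookie, or create a fresh one
// and ask the client to store its id via Set-Cookie.
function handle(reqHeaders, mutate) {
  let id = parseCookies(reqHeaders.cookie)['sails.sid'];
  let session = store.get(id);
  const resHeaders = {};
  if (!session) {            // no cookie, unknown id, or expired session
    id = 'sid-' + (++counter); // constructed id; real ids are random and signed
    session = {};
    store.set(id, session);
    resHeaders['set-cookie'] = 'sails.sid=' + id + '; Path=/; HttpOnly';
  }
  if (mutate) mutate(session);
  return { id, session, resHeaders };
}

// What a cookie-aware client keeps from a response: the name=value pair.
function cookieFrom(resHeaders) {
  const sc = resHeaders['set-cookie'];
  return sc ? sc.split(';')[0] : undefined;
}

function demo() {
  const first = handle({}, (s) => { s.message = 'my message'; });
  const noCookie = handle({});  // client did not send the cookie back
  const withCookie = handle({ cookie: cookieFrom(first.resHeaders) });
  const staleCookie = handle({ cookie: 'sails.sid=sid-unknown' });
  return { first, noCookie, withCookie, staleCookie };
}

console.log(demo().withCookie.session); // same session object as the first call
```

The `noCookie` case reproduces the log in the question: a new session containing only its cookie settings, with no `message`.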