cookie-session: req.session is null but cookies are not destroyed
I use cookie-session in my Express server that uses Parse Server. Then I have React webapp that do get/post to the server. This is how I setup
app.use(cookieSession({
name: 'parse-session',
secret: "SECRET_SIGNING_KEY",
maxAge: 15724800000
}));
and this is how I save user informations at login:
req.session.user = user;
req.session.token = user.getSessionToken();
it works well because when I call rest api:
request({
uri:'http://myapi.com/parse/users/me',
headers: {
'X-Parse-Application-Id': 'my-app-id',
'X-Parse-Session-Token': req.session.token
},
json:true
}).then((userData) => {
console.log(userData);
}).catch((error) => {
console.log(`User do not exist: ${error}`);
});
it gives me userData; the problem is at logout because I do this:
if(req.session){
req.session = null;
}
it put session at null, but if I try to do a request above, using it in React to call Express server:
fetch('/user',{credentials:'include'})
.then((response)=>{
return response.json();
})
.then((body)=>{
if(body.user){
console.log('vv',body.user);
this.setState({logIn:true});
}
else{
console.log('vv',body);
}
}).catch((error)=>{
console.log('My error:',error);
});
req.session.token continue to exist. Is there a way to delete cookie when put req.session = null ? Because the only way to delete the session token is when I delete history on the browser.
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Comments: 16 (8 by maintainers)
Add
res.end();afterreq.session = null;