Giters

jdesboeufs / connect-mongo

MongoDB session store for Express

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Only one user session is created instead of a new session for each different logged in user

skepticon7 opened this issue · comments

commented

Hello , I have a problem regarding my login application , im using passport-local strategy to authenticate users but the problem is that only one user session is created at the MongoStore , instead of a unique session for each logged in user , every single recently logged in user overwrites the old session and stores the ID in the only session that exists here is my code if anybody wants to help . Thank you

const express = require("express");
const mongoose = require("mongoose");
const BodyParser = require("body-parser");
const bcrypt = require("bcrypt");
const passport = require("passport");
const session = require("express-session");
const MongoStore = require("connect-mongo");
const LocalStrategy  = require("passport-local").Strategy;
const DBURL = "mongodb://127.0.0.1/SDB";

app = express();


mongoose.connect(DBURL).then(()=>{
    console.log("successfully connected to database");
}).catch((err)=>{
    console.log("error,connecting to database");
})

const sessionStore = MongoStore.create({
    mongoUrl : DBURL,
    collectionName : "sessionas"
});

const UserSchema = new mongoose.Schema({
    username: { type: String , required: true },
    email:String,
    password : String
}) ;

const User = new mongoose.model("User" , UserSchema);

app.use(BodyParser.urlencoded({extended:true}));
app.set("view engine","ejs");

app.use(session({
    secret:"SecretKey",
    saveUninitialized : false,
    resave:false,
    store : sessionStore
}));

passport.serializeUser(function(user, done) {
    done(null, user.id); 

});


passport.deserializeUser(function(id, done) {
    User.findById(id)
        .then(function(user) {
            if(user){
                done(null, user);
            }else{
                done(err, null);
            }
        })
        .catch(function(err) {
            done(err, null);
        });
});


app.use(passport.initialize());
app.use(passport.session());

passport.use(new LocalStrategy(
    async function(username , password , done)
    {
        try {
            const data = await User.findOne({username : username});
            if (!data) {
                return done(null, false);
            }
            
            const isValidPassword = bcrypt.compare(password , data.password);
            if (isValidPassword) {
                return done(null,data);
               
            } else {
                
                return done(null, false);
            }
        } catch (error) {
            console.error(error);
            return done(error);
        }
    }
  ));

app.get("/",(req,res)=>{
    res.render("login");
})

app.post('/',passport.authenticate("local",{ failureRedirect: "/login" , successRedirect:"/secure" }));
    


app.get("/secure",(req,res)=>{
    res.send("welcome to secure route");
})

app.get("/signup",(req,res)=>{
    res.render("signup");
});

app.post("/signup" , async function(req,res){
    const un = req.body.username;
    const email = req.body.email;
    try {
        const hashedpsw = await bcrypt.hash(req.body.password,10);
        console.log(hashedpsw);
        const NewUser  = new User({
            username:un,
            email:email,
            password:hashedpsw
        });
        NewUser.save();

    } catch (error) {
        res.status(500).send("error internal server");
    }


    
    res.redirect("/");
});


app.listen(3000,()=>{
    console.log("server listening on port 3000");
});