Using Express sessions
Many of Passport's strategies are based on HTTP sessions. At the moment, our application is just using simple cookies to store user IDs. To use Passport for third-party authentication, we'll need to add session support into our application. Express provides session support in the express-session
module. First, we add this to our application:
> npm install express-session --save
We also need somewhere to store session data. Express supports a variety of session stores via additional modules. Redis is well suited to this task and we already have a Redis instance available. We can use the connect-redis
module to store sessions in Redis:
> npm install connect-redis --save
We can now create a new configuration module to keep all our session logic in one place. Since this will return middleware, we'll put it in the middleware
folder here src/middleware/sessions.js
:
'use strict'; const session = require('express-session'); let config = { secret: process.env.SESSION_SECRET...