Advanced Node - Local Strategy Login

I’m trying to set up a login with a passport local strategy according to the Advanced Node exercises. Every control in the strategy seems to go fine, but the “ensureAuthenticated” middleware (in routes.js) keeps returning “false” on the req.isAuthenticated() control. I think I might have some session or user serialize problem here.

Here is the replit: boilerplate-advancednode - Replit

If you try to login with the right credentials, the Local Strategy flow goes down right, but then it won’t redirect you to /profile, as you are not logged in.

Does it matter that you use bcrypt to hash the password, but it doesn’t seem that you’ve imported bcrypt (don’t you need const bcrypt=require('bcrypt'); at the top? Maybe you can’t authenticate because your passwords are unidentified.

1 Like

You’re right, there was a missing bcrypt at the top of routes.js, but it doesn’t seem to be the issue here, i added it and nothing changed.

Also, why there was no error promped for the missing module?

Edit: Just found what was causing the issue.
In the express-session middleware i was using cookie: { secure: true }, changing it to false solved the issue.

    secret: process.env.SESSION_SECRET,
    resave: true,
    saveUninitialized: true,
    cookie: { secure: false },

“Secure” cookies will only send the session to the server over https, it clearly was not the case for my local dev server.

This topic was automatically closed 182 days after the last reply. New replies are no longer allowed.