I am having trouble identifying why exactly my session id is not being set in my expressjs backend api.
When I run Postman via a post request to /provision:
const express = require("express");
require("express-async-errors");
const cors = require("cors");
const cookieSession = require("cookie-session");
const createTables = require("./queries/create-tables");
const keys = require("./keys");
const cleanup = require("./queries/cleanup");
const app = express();
app.set("trust proxy", "127.0.0.1");
app.use(
cors({
origin:
process.env.NODE_ENV === "production"
? ["<some-domain>", "<some-domain>"]
: ["http://localhost:3000"],
credentials: true,
})
);
app.use(express.json());
app.use(
cookieSession({
secure: process.env.NODE_ENV === "production",
keys: [keys.cookieKey],
sameSite: "Lax",
httpOnly: true,
domain: "<some-domain>",
})
);
app.use((req, res, next) => {
console.log("Session:", req.session);
if (!req.session) {
return next(new Error("Session is not set up properly"));
}
next();
});
app.post("/provision", require("./provision"));
app.post("/query", require("./query"));
app.post("/reset", require("./reset"));
It appears to successfully run the provision.js logic:
const pool = require("./pool");
const createRole = require("./queries/create-role");
const createDb = require("./queries/create-db");
const { createId, validateId } = require("./queries/id");
module.exports = async (req, res) => {
let id = req.session.id;
if (!id) {
id = createId(8);
req.session.id = id;
}
validateId(id);
try {
await createRole(id);
await createDb(id);
res.send({ status: "ok" });
} catch (err) {
console.error(err);
throw new Error("Failed to provision db");
}
};
But when I go to run a post request on /query with the following query:
{
"query": "SELECT * FROM users WHERE id = 1"
}
I get:
{
"error": "Session ID is missing"
}
After verifying session middleware is correct, the session handling appears correct, but why is the session id still not being set?
1