I am working on ecommerce site where I want to save carts for all visitors using the session id generated with express-session. On dev mode it works perfectly but on prod the session id get regenerated with every request. I added app.set(“trust proxy”, 1); but it didn’t fix helped me to fix the session id.
Here my config for the session middleware:
<code>app.use(
session({
secret: process.env.ACCESS_TOKEN_SECRET_KEY,
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: process.env.MONGODB_URI,
}),
cookie: {
maxAge: 30 * 24 * 60 * 60 * 1000,
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "None",
},
})
);
app.use((req, res, next) => {
console.log("Session ID:", req.session.id);
req.session.visited = true;
next();
});
app.set("trust proxy", 1);
app.use(passport.initialize());
app.use(passport.session());
</code>
<code>app.use(
session({
secret: process.env.ACCESS_TOKEN_SECRET_KEY,
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: process.env.MONGODB_URI,
}),
cookie: {
maxAge: 30 * 24 * 60 * 60 * 1000,
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "None",
},
})
);
app.use((req, res, next) => {
console.log("Session ID:", req.session.id);
req.session.visited = true;
next();
});
app.set("trust proxy", 1);
app.use(passport.initialize());
app.use(passport.session());
</code>
app.use(
session({
secret: process.env.ACCESS_TOKEN_SECRET_KEY,
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: process.env.MONGODB_URI,
}),
cookie: {
maxAge: 30 * 24 * 60 * 60 * 1000,
httpOnly: true,
secure: process.env.NODE_ENV === "production",
sameSite: "None",
},
})
);
app.use((req, res, next) => {
console.log("Session ID:", req.session.id);
req.session.visited = true;
next();
});
app.set("trust proxy", 1);
app.use(passport.initialize());
app.use(passport.session());