Passport – user is always authenticated after login once

问题内容:

This is my first project using passport and I’ve never dealt with authentication before.


Ive followed this one guide for my application: https://github.com/webdevboy/node-express-jade–passport-mssql

And most of my code for auth is the same as the guide

My problem is, after logging in, it is possible to access the profile page of the user authenticated on different browsers and PCs using the same IP, even though those never went through authentication. I’ve searched for the cause of my issue but couldn’t find a solution.

This is the code for session:

app.use(session({
cookie: {
    maxAge: new Date(Date.now() + (7 * 24 * 60 * 60 * 1000))
},
secret: 'secret',
resave: false,
name: "ucompany",
saveUninitialized: true
}))

I would really appreciate any help, since I’ve never done that before and I’m kinda lost.

问题评论:

原文地址:

https://stackoverflow.com/questions/47756122/passport-user-is-always-authenticated-after-login-once

添加评论

友情链接:蝴蝶教程