distinct sessions for multiple apps
127 views
Skip to first unread message
darren
Jan 30, 2012, 7:07:30 PM1/30/12
to Express
I wasn't able to find a discussion on this and I'm sure I'm missing
something obvious.
Is there a way to maintain distinct sessions for multiple express apps
running on the same server?
For example, I'm running one express app at localhost:3000 and another
at localhost:8080. Logging into one invalidates the session of the
other, since they share the same cookie and it overwrites the cookie
sid. Alternatively, if I run these apps as mounted end-points,
logging into one logs me into the other one as well.
I'd like the authentication of these apps to be totally independent,
whether their running as standalone apps or mounted apps. I had a look
at the cookie-sessions example which seems promising... is the
recommended way?
thanks!
Darren
something obvious.
Is there a way to maintain distinct sessions for multiple express apps
running on the same server?
For example, I'm running one express app at localhost:3000 and another
at localhost:8080. Logging into one invalidates the session of the
other, since they share the same cookie and it overwrites the cookie
sid. Alternatively, if I run these apps as mounted end-points,
logging into one logs me into the other one as well.
I'd like the authentication of these apps to be totally independent,
whether their running as standalone apps or mounted apps. I had a look
at the cookie-sessions example which seems promising... is the
recommended way?
thanks!
Darren
knc
Jan 31, 2012, 1:43:54 AM1/31/12
to Express
It's not safe to rely on cookies being specific to ports on the same
host. See:
http://stackoverflow.com/a/4212964/131050
It depends on how you will be deploying these two apps on production.
Ideally they should be running on different domains or sub-domains. If
that's the case, cookie should be set domain specific.
For development, you might want to try modifying your /etc/hosts file
to simulate different hosts.
KNC
host. See:
http://stackoverflow.com/a/4212964/131050
It depends on how you will be deploying these two apps on production.
Ideally they should be running on different domains or sub-domains. If
that's the case, cookie should be set domain specific.
For development, you might want to try modifying your /etc/hosts file
to simulate different hosts.
KNC
darren
Feb 9, 2012, 12:57:31 PM2/9/12
to Express
Thanks KNC
I'm not attempting to differentiate the apps on the basis of their
port numbers. I'm looking for the way to set cookie parameters so each
mounted sub-app will have its own cookie. In production this will run
on different servers; I'm just need a workaround for my dev /
prototyping setup where I can host several sub-apps as mounted end-
points within Express, and each has it's own separate authentication.
It's seems like you should be able to mount sub-apps with autonomous
authentication by specifying the cookie path. I just got a bit side-
tracked and haven't quite figured it out yet. If anyone has done it
please share :o)
Darren
I'm not attempting to differentiate the apps on the basis of their
port numbers. I'm looking for the way to set cookie parameters so each
mounted sub-app will have its own cookie. In production this will run
on different servers; I'm just need a workaround for my dev /
prototyping setup where I can host several sub-apps as mounted end-
points within Express, and each has it's own separate authentication.
It's seems like you should be able to mount sub-apps with autonomous
authentication by specifying the cookie path. I just got a bit side-
tracked and haven't quite figured it out yet. If anyone has done it
please share :o)
Darren
Ivoszz
Feb 12, 2012, 3:28:09 PM2/12/12
to expre...@googlegroups.com
I did not tested it, but binding each express app to diffrent name (with the same IP address) should resolve the problem.
2012/2/9 darren <drder...@gmail.com>
--
You received this message because you are subscribed to the Google Groups "Express" group.
To post to this group, send email to expre...@googlegroups.com.
To unsubscribe from this group, send email to express-js+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/express-js?hl=en.
Reply all
Reply to author
Forward
0 new messages