Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handling Seesion Store using Redis #250

Closed
dasarindam opened this issue Jun 25, 2021 · 8 comments
Closed

Handling Seesion Store using Redis #250

dasarindam opened this issue Jun 25, 2021 · 8 comments
Labels
question Further information is requested

Comments

@dasarindam
Copy link

Hi Team ,
I am trying to create a app where I thought of saving the token in the session and reuse the same in other different API call. Pls can some one said if this is the right way ? Is this implementation is the correct way ? Does session has been declared in coreect place ? TIA

  1. index.js
    openauth.init()

  2. openauth.js

var session = require...
const redisStrore = require('connect-redis')(session)
app.use(
auth({
session : {
    name : "SessionKey",
    store : new redisStore({client : redisClient})
}
})
  1. partnerVerify.js
app.use('/verify', requireAuth(), req, res) =>{.
// all fine here.
// how do I get the SessionKey or Redis Session Key which is generated in the Redis  DB ?
}
app.use('callAPI', req,res) => {

// how to get the key and the redis data ?

}
@adamjmcgrath
Copy link
Contributor

Hi @dasarindam

I am trying to create a app where I thought of saving the token in the session and reuse the same in other different API call.

Have a look at the example Obtaining access tokens to call external APIs and let me know if that answers your question

@adamjmcgrath adamjmcgrath added the question Further information is requested label Jun 25, 2021
@dasarindam
Copy link
Author

I have done the above solution and works fine.
But What I am looking for is that, I am storing the session information into the RedisMemory using custom session. Later in the partnerVerify.js I want to retrieve using the redis key . So I want to read the key from the session that has been created by the openauth.

@adamjmcgrath
Copy link
Contributor

Hey @dasarindam - you can get everything you need from the session data to read user claims and access an api using the req.oidc api, eg

app.use('callAPI', req,res) => {
  req.oidc.user; // user 
  req.oidc.accessToken; // accessToken
}

What do you need the Redis session key and Redis data directly for?

@dasarindam
Copy link
Author

dasarindam commented Jul 5, 2021

I need this key and the data for further API call. It looks like after some call I am loosing the accessToken.
So once I store the key in the Redis later I can fetch the same and make a another Spring/Java call passing the Token.

I am trying to get the "SessionKey" value to track all the further call. The value is storing successfully. But not able to read the value of "SessionKey". req.oidc object does not hold this.

@adamjmcgrath
Copy link
Contributor

I need this key and the data for further API call. It looks like after some call I am loosing the accessToken.

As long as the user is logged in (you have session data in redis), you will always be able to get the access token from the API: req.oidc.accessToken. If you are losing the accessToken when you believe you shouldn't be, this could be a bug, please create a small reproducable example and I can debug it for you.

@dasarindam
Copy link
Author

dasarindam commented Jul 5, 2021

OK. Thats fine for now. I will provide a sample code, so that you may be able to reproduce.
Mean while can you tell me the how to get the value of the "SessionKey" once the user pass through the login process inside the method with requireAuth() '/verify' function ?

@adamjmcgrath
Copy link
Contributor

Thanks @dasarindam

There is currently no way to get the value of "SessionKey" - but once #252 get's released (I'll try and cut a release this week) you should be able to make the "SessionKey" value predictable

@adamjmcgrath
Copy link
Contributor

Custom Session Key generation is available in the latest release https://github.com/auth0/express-openid-connect/releases/tag/v2.5.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants