-
Notifications
You must be signed in to change notification settings - Fork 394
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to use express-session middleware with graphql middleware #1121
Comments
Please, report this issue in the Apollo repository https://github.com/apollographql/apollo-server as we use this package to run GQL server |
Hi @kamilmysliwiec , Thanks for reply. I used apollo graphql and server side session in of my many projects. In that we need add following line in middle ware.
But in nest graphql module where should I add this line. I am using nestjs first time. That why I created new issue. I also raised this issue in nestjs/graphql discord room. I guess we need to inject this middleware in GQL server. |
|
#4527 for reference. |
I have the same problem. Don't know how to use express-session with GraphQL in Nestjs... |
@kamilmysliwiec - The Apollo Server team just closed their issue saying it's Nest's problem. I wish I had the time to make a reproduction.... can anyone here do that? Maybe, together, we can get down to the bottom of why this is happening, as it makes using cookies with Scott |
Hi, I think I just had bad configuration because it works perfectly now. Do you also use redis store? |
Yes. Actually I am. @jeromemeichelbeck The redis store is working fine though (it seems) as I use it for caching too. How would that cause headers to be set a second time? Is your code open source/ can you share it? Scott |
Frankly I have no idea... |
@jeromemeichelbeck @smolinari @gaurav-bothra ...
- "request.credentials": "omit",
+ "request.credentials": "include",
... or when configuring the module: GraphQLModule.forRoot({
playground: {
settings: {
"request.credentials": "include"
}
}
}) With this the cookie is send from the playground and the session logic should work as expected. @kamilmysliwiec Would it make sense to extend the docs to have this mentioned in the auth section? |
For me this configuration with cors worked: GraphQLModule.forRoot({
autoSchemaFile: true,
formatError: (error: GraphQLError) => {
delete error?.extensions?.exception;
return error;
},
playground: {
settings: {
'request.credentials': 'include',
},
},
cors: {
credentials: true,
origin: true,
},
}) |
I'm submitting a...
Current behavior
Currently I created simple boilerplate of nestjs/graphql with express-session middleware. I hooked session middleware in main.ts file. with saveUninitialized flag true... my nestjs server breaks with following error
(node:67816) UnhandledPromiseRejectionWarning: Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client at ServerResponse.setHeader (_http_outgoing.js:485:11).
Also when I tries to create session on server by using ctx.req.session.userId. same error occur I find similar issue on github
issue link. But I am unaware how to do it in nestjs fashion. I am new with nestjs.
Expected behavior
Minimal reproduction of the problem with instructions
app.use(session({ name: SESSION_NAME, store: new RedisStore({ host:REDIS_HOST, port:REDIS_PORT, client: client, disableTouch: true, }), cookie: { maxAge: 1000 * 60 * 60 * 24 * 365 * 10, // 10 years httpOnly: true, sameSite: "lax", // csrf secure: __PROD__, // cookie only works in https domain: __PROD__ ? ".local" : undefined, }, saveUninitialized: true, secret: SESSION_SECRET, resave: true }))
What is the motivation / use case for changing the behavior?
Environment
The text was updated successfully, but these errors were encountered: