I want to "delete cookies on logout". I am not able to do that. I googled for answer and found following ways: Assign new date of expiration to cookie res.cookie('connect.sid', '', {expires: new Date(1), path: '/' }); Delete cookie using below lines res.clearCookie('connect.sid', { path: '/' }); I tried both ways individually but they do not delete the cookie. Here

how to delete cookie on logout in express + passport js?

I want to “delete cookies on logout”. I am not able to do that. I googled for answer and found following ways:

Assign new date of expiration to cookie

res.cookie('connect.sid', '', {expires: new Date(1), path: '/' });
Delete cookie using below lines

res.clearCookie('connect.sid', { path: '/' });

I tried both ways individually but they do not delete the cookie.

Here is my code:

routes.js

module.exports = function(app, passport, session){
    app.get('/', function(req, res)
    {
       res.render('index.ejs');
    });

    app.get('/login', function(req,res){
     res.render('login.ejs',{message:req.flash('loginMessage')});
    });


    app.get('/signup',checkRedirect , function(req, res) {
        res.render('signup.ejs',{message: req.flash('signupMessage')});
    });
    app.get('/profile', isLoggedIn, function(req,res) {
        res.render('profile.ejs', {
            user :req.user
        });
    });
    app.post('/signup', passport.authenticate('local-signup', {
        successRedirect : '/profile',
        failureRedirect : '/signup',
        failureFlash : true
    }));
    app.post('/login',  passport.authenticate('local-login', {

        successRedirect : '/profile',
        failureRedirect : '/login',
        failureFlash :true

    }));
app.get('/logout',function(req,res){
    res.cookie('connect.sid', '', {expires: new Date(1), path: '/' });
   req.logOut();
    res.clearCookie('connect.sid', { path: '/' });
    res.redirect('/');
});

function isLoggedIn(req, res, next){

    if(req.isAuthenticated())
      return next();

    console.log("hiii");
    res.redirect('/');
}

};

server.js

    var express = require('express');
var app = express();
var port = process.env.PORT || 3000;
var mongoose = require('mongoose');
var passport = require('passport');
var flash=require('connect-flash');
var morgan=require('morgan');
var bodyParser = require('body-parser');
var cookieParser=require('cookie-parser');
//
var session=require('express-session');
var RedisStore = require('connect-redis')(session);
var redis   = require("redis");
var redis_client  = redis.createClient();
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: true}));
var configDb=require('./config/database.js');
mongoose.connect(configDb.url);

require('./config/passport')(passport);

app.use(morgan('dev'));
app.use(cookieParser());
app.use(bodyParser());
app.set('view engine', 'ejs');


app.use(session({
    store: new RedisStore({
    host: '127.0.0.1',
    port: 6379,
    client: redis_client
}),
    secret : 'foo',
    resave: false,
    saveUninitialized: false
}));
app.use(function (req, res, next) {
    if (!req.session) {
        return next(new Error('oh no')); // handle error
    }
    next();
});


});

app.use(passport.initialize());
app.use(passport.session());
app.use(flash());

require('./app/routes')(app, passport, session);
app.listen(port, function(){
    console.log('server is at port' + port);
});

Answer

You can use req.session.destroy in logout route to destroy the session below is the code for reference 🙂

app.get('/logout', function(req,res){
 req.logOut();
 req.session.destroy(function (err) {
        res.redirect('/'); //Inside a callback… bulletproof!
    });
});

Advertisement

Answer