Auth0 Home Blog Docs

Create a Simple and Secure Node Express App

Learn how to secure a simple Node.js and Express app by adding user authentication with Passport.js and Auth0.

Read on :green_heart:

Brought to you by @dan-auth0 :man_technologist:t2:

3 Likes

Node.js is both a platform and a topic that I love. Let me know how you like this blog post, what questions you may have, and/or what others topics related to Node you’d like to read. I am here for you!

1 Like

Nice tutorial. I like seeing the non-JWT side of things. I have a question about sessions though.

I read that Express sessions basically set a cookie with the ID of the session, and then for each subsequent request, the Express middleware you set up will perform a session lookup to attach the session data to the req object, and that’s how the subsequent middleware like your app routes will have access to the logged in user. Since I didn’t see you connect anything like Redis or any database to the session middleware, I’m guessing it’s storing it in memory.

What do you do when you’ve got an app that is horizontally scaled? Perhaps it’s deployed to Heroku, AWS Lambda, or a Kubernetes cluster with pod autoscaling enabled, and once traffic scales up, there will be more than one process that your visitors hit. Can you override the session middleware to store session values in something that each process can access, like Redis?

Edit:

Found the answer after more digging. The readme for the session middleware itself talks about implementing custom session stores and lists popular libraries that are already capable of storing sessions in things like Redis, PostgreSQL, MongoDB, and even the cloud databases like AWS DynamoDB and Google Cloud Firestore. Neat. (https://github.com/expressjs/session)

Great tutorial!

I follow all the steps on the blog but is is error saying passport.initialize is not a middleware,

and i see some changes in the code in github in the ENV part that solves the issue

@johndavemanuel you need to install passport
npm install passport

1 Like

Hi @aparralorenzo,

Welcome to the Auth0 Community Forum!

Thanks for helping out on this.

@johndavemanuel Did this solve you problem?

In the future please create a new topic for your problem with a link to the blog/doc. This helps us answer your questions more quickly!

Thanks,
Dan