@@ -39,17 +39,14 @@ app.use(cors({
|
|
|
app.use(express.json());
|
|
|
app.use(express.urlencoded({ extended: true }));
|
|
|
|
|
|
-// Session configuration
|
|
|
+// Session configuration - Simple as fuck
|
|
|
app.use(session({
|
|
|
- secret: process.env.SESSION_SECRET || 'gooneral-wheelchair-secret-key-change-in-production',
|
|
|
- resave: false,
|
|
|
- saveUninitialized: false,
|
|
|
- name: 'gooneral-session',
|
|
|
- cookie: {
|
|
|
- secure: true, // HTTPS required
|
|
|
- httpOnly: true,
|
|
|
- maxAge: 24 * 60 * 60 * 1000, // 24 hours
|
|
|
- sameSite: 'lax' // Changed from 'strict' to 'lax'
|
|
|
+ secret: 'your-secret-key-here-change-this',
|
|
|
+ resave: true,
|
|
|
+ saveUninitialized: true,
|
|
|
+ cookie: {
|
|
|
+ secure: false, // Disable secure for now to test
|
|
|
+ maxAge: 24 * 60 * 60 * 1000
|
|
|
}
|
|
|
}));
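Review bot: The new `secret: 'your-secret-key-here-change-this'` line commits the session-signing key to source, so anyone with read access to the repository can mint a valid session cookie for any user; the removed line at least consulted `process.env.SESSION_SECRET` before falling back. The rewritten `cookie` block also sets `secure: false` and drops `httpOnly`, `sameSite` and the custom `name`, so the session cookie now travels over plain HTTP; if `secure: true` was breaking logins because the app runs behind a TLS-terminating proxy or is exercised over http://localhost, the usual fix is `app.set('trust proxy', 1)` plus an environment-conditional `secure`, not disabling it outright. `saveUninitialized: true` and `resave: true` additionally create a session for every anonymous request and rewrite unchanged sessions on every response, which inflates the store for no benefit. A configuration that keeps the commit's intent (works locally without HTTPS) while failing closed in production follows.
```javascript
// Session configuration - Simple as fuck
const sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  throw new Error('SESSION_SECRET must be set'); // refuse to start rather than sign sessions with a literal
}
const isProduction = process.env.NODE_ENV === 'production';
if (isProduction) {
  app.set('trust proxy', 1); // lets `secure` cookies work behind a TLS-terminating proxy
}
app.use(session({
  secret: sessionSecret,
  resave: false,
  saveUninitialized: false,
  cookie: {
    secure: isProduction, // plain HTTP only outside production
    httpOnly: true,
    sameSite: 'lax',
    maxAge: 24 * 60 * 60 * 1000 // 24 hours
  }
}));
```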
|
|
|
|
|
|
@@ -129,24 +126,13 @@ app.post('/api/auth/login', async (req, res) => {
|
|
|
|
|
|
// Store user in session
|
|
|
req.session.user = user;
|
|
|
- console.log('Login successful - Session ID:', req.sessionID);
|
|
|
- console.log('Login successful - Stored user:', req.session.user);
|
|
|
-
|
|
|
- // Manually save the session to ensure it's persisted
|
|
|
- req.session.save((err) => {
|
|
|
- if (err) {
|
|
|
- console.error('Session save error:', err);
|
|
|
- return res.status(500).json({ error: 'Failed to save session' });
|
|
|
+
|
|
|
+ res.json({
|
|
|
+ success: true,
|
|
|
+ user: {
|
|
|
+ username: user.username,
|
|
|
+ role: user.role
|
|
|
}
|
|
|
-
|
|
|
- console.log('Session saved successfully');
|
|
|
- res.json({
|
|
|
- success: true,
|
|
|
- user: {
|
|
|
- username: user.username,
|
|
|
- role: user.role
|
|
|
- }
|
|
|
- });
|
|
|
});
|
|
|
} catch (error) {
|
|
|
console.error('Login error:', error);
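Review bot: With the explicit `req.session.save` callback removed, the added `res.json({ success: true, ... })` is sent as soon as `req.session.user = user` is assigned, so login is reported successful before anything confirms the session was persisted; express-session does save at response end, but a store error there can no longer become the 500 the removed branch produced, and the client already holds a success response. Independently, neither the old nor the new code calls `req.session.regenerate()` before storing the user, so the session id a client held before authenticating is the one that becomes authenticated (session fixation); regenerating on login and then saving fixes that while restoring the removed error handling. The context line `req.session.user = user;` also stores the whole record while the response only exposes `username` and `role`; if that record carries a credential hash, consider keeping only the fields the app reads back from the session. The handler and its `try` begin before this hunk.
```javascript
// Store user in session
req.session.regenerate((regenErr) => {
  if (regenErr) {
    console.error('Session regenerate error:', regenErr);
    return res.status(500).json({ error: 'Failed to create session' });
  }
  // fresh session id issued only after credentials were verified
  req.session.user = user; // consider narrowing to the fields read back from the session
  req.session.save((saveErr) => {
    if (saveErr) {
      console.error('Session save error:', saveErr);
      return res.status(500).json({ error: 'Failed to save session' });
    }
    res.json({
      success: true,
      user: {
        username: user.username,
        role: user.role
      }
    });
  });
});
// … unchanged: catch (error) block …
```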
|
|
|
@@ -160,17 +146,13 @@ app.post('/api/auth/logout', (req, res) => {
|
|
|
if (err) {
|
|
|
return res.status(500).json({ error: 'Logout failed' });
|
|
|
}
|
|
|
- res.clearCookie('gooneral-session'); // Use the same name as configured
|
|
|
+ res.clearCookie('connect.sid'); // Default session cookie name
|
|
|
res.json({ success: true, message: 'Logged out successfully' });
|
|
|
});
|
|
|
});
|
|
|
|
|
|
// GET /api/auth/me - Get current user
|
|
|
app.get('/api/auth/me', isAuthenticated, (req, res) => {
|
|
|
- console.log('Auth check - Session ID:', req.sessionID);
|
|
|
- console.log('Auth check - Session user:', req.session?.user);
|
|
|
- console.log('Auth check - Is authenticated:', req.isAuthenticated);
|
|
|
-
|
|
|
if (req.isAuthenticated) {
|
|
|
res.json({
|
|
|
user: {
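Review bot: The literal in `res.clearCookie('connect.sid')` has to stay in step with the default cookie name that results from the session configuration no longer passing `name:`, which is the same coupling the removed `'gooneral-session'` line had, just with the name now implicit. Declaring it once, e.g. `const SESSION_COOKIE_NAME = 'connect.sid';`, passing `name: SESSION_COOKIE_NAME` to `session({...})` and using `res.clearCookie(SESSION_COOKIE_NAME)` here, keeps logout clearing the right cookie if the name changes again. `clearCookie` only removes the cookie when its path (and domain, if set) match the ones it was issued with; with express-session's default path `/` that holds today, but the same cookie options should be passed if they are ever customised. The `/api/auth/me` handler in this hunk continues past the hunk end.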
|