Is using cookie-parser with .js passport still necessary?

Question

Is using cookie-parser with .js passport still necessary?

It is not possible to find information (on passport.js ) about the general installation of passport.js and the declaration in node.js In tutorials, I always see express session middleware and cookie-parser , as indicated for passport , but session docs ( https://github.com/expressjs/session ) Notes:

'Starting with version 1.5.0, the cookie-parser middleware is no longer needed for this module. This module now reads and writes cookies directly to req / res. Using cookie-parser can lead to problems if the secret does not match this module and cookie-parser. ''

So do I need to use session and cookie-parser for passport for some reason, or can I only use session , do I need to change something?

+7

node.js cookies session express passport.js

Max yari Mar 18 '15 at 12:53

source share

1 answer

Wrecks · Accepted Answer · 2016-02-07T23:04:19+0000

No, the passport itself does not require cookie-parser middleware. If you need constant authentication during a session, you will need express session middleware that requires a cookie parser, but modern versions of the expression no longer have this requirement (the current version of the express session reads and writes cookies directly).

Is using cookie-parser with .js passport still necessary?

More articles: