I'm trying to add a feature that will let me specify a user ID to log in as via a header when in development mode, so that I can develop API endpoints more easily. I have the login-via-header working, but the problem is that the login session persists for other requests after that, even if I'm not using the header (I'm not even sending Cookie--not sure how Passport is persisting the session). I would like to have the login apply for the duration of the request and no longer.
I tried calling req.logout() in an event handler for the finish/close event on res, and the logout is getting called, but subsequent requests still have req.user.
Is there a good way to provide a request-long login?
via Turner Hayes
No comments:
Post a Comment