fix: corrige sessão não persistindo - sameSite cookie + session.save()

This commit is contained in:
Jonas Pacheco 2026-04-09 14:55:30 -03:00
parent 0fad3e05f7
commit f14fafa531
3 changed files with 37 additions and 10 deletions

View File

@ -23,4 +23,7 @@ pool.on('error', (err) => {
console.error('[DB Pool] Erro inesperado:', err.message);
});
// Exportar pool para uso no session store
export { pool };
export const db = drizzle({ client: pool, schema });

View File

@ -45,13 +45,22 @@ const sessionSettings: session.SessionOptions = {
secure: process.env.NODE_ENV === "production",
httpOnly: true,
maxAge: 24 * 60 * 60 * 1000,
sameSite: "lax",
},
name: "arcadia.sid",
};
export const sessionMiddleware = session(sessionSettings);
export function setupAuth(app: Express) {
app.set("trust proxy", 1);
// Log de debug para sessões
app.use((req, res, next) => {
console.log(`[Session] ${req.method} ${req.path} - SessionID: ${req.sessionID} - User: ${req.user ? (req.user as any).username : 'none'}`);
next();
});
app.use(sessionMiddleware);
app.use(passport.initialize());
app.use(passport.session());
@ -129,8 +138,18 @@ export function setupAuth(app: Express) {
console.log(`[Auth] Post-login, enriquecendo usuário: ${req.user!.id}`);
try {
const enrichedUser = await storage.getEnrichedUser(req.user!);
console.log(`[Auth] Enviando resposta de login para: ${enrichedUser.username}`);
res.status(200).json(enrichedUser);
console.log(`[Auth] Salvando sessão para: ${enrichedUser.username}`);
// Forçar salvamento da sessão
req.session.save((err) => {
if (err) {
console.error(`[Auth] Erro ao salvar sessão: ${err.message}`);
return res.status(500).json({ error: "Erro ao salvar sessão" });
}
console.log(`[Auth] Sessão salva com sucesso. SessionID: ${req.sessionID}`);
console.log(`[Auth] Enviando resposta de login para: ${enrichedUser.username}`);
res.status(200).json(enrichedUser);
});
} catch (error: any) {
console.error(`[Auth] Erro ao enriquecer usuário no login: ${error.message}`);
res.status(500).json({ error: "Erro ao processar login" });

View File

@ -1,16 +1,11 @@
import { db } from "../db/index";
import { db, pool } from "../db/index";
import { users, applications, userApplications, profiles, crmPartners, tenants, tenantUsers, type User, type InsertUser, type Application, type InsertApplication } from "@shared/schema";
import { eq, and } from "drizzle-orm";
import session from "express-session";
import connectPg from "connect-pg-simple";
import pg from "pg";
const PostgresSessionStore = connectPg(session);
const pool = new pg.Pool({
connectionString: process.env.DATABASE_URL,
});
export interface IStorage {
sessionStore: session.Store;
@ -36,10 +31,20 @@ export class DatabaseStorage implements IStorage {
sessionStore: session.Store;
constructor() {
console.log('[Storage] Inicializando session store...');
this.sessionStore = new PostgresSessionStore({
pool,
createTableIfMissing: true
createTableIfMissing: true,
tableName: 'session',
pruneSessionInterval: 60 * 60, // 1 hora
});
// Log de erros do session store
this.sessionStore.on('error', (err: any) => {
console.error('[SessionStore] Erro:', err.message);
});
console.log('[Storage] Session store inicializado');
}
async getUser(id: string): Promise<User | undefined> {