trying to log in a person with same username

Question

So I'm making an app with profiles and stuff. And the user would connect to his profile by using the route /user/:id (the :id would be req.user.id) the thing is when I try to log in users with same username req.user is the same for both eventhough they have different email/credentials. And I think it's because I'm using passport and when serializing a user, and saving his credentials to the session is saving the username, and of course when desirializing it's going to find the user by his username. I've already tried to change the session key to be email or id, so it would not find users with same username but I can't make it work. Here is the code

passport.serializeUser(User.serializeUser(function (user, done) {
    done(null, user.email)
}));
passport.deserializeUser(User.deserializeUser(function (email, done) {
    user.findById(id, function (err, user) {
        done(err, user)
    })

}))

OUTPUT

Session {
  cookie: {
    path: '/',
    _expires: 2021-05-11T18:40:11.634Z,
    originalMaxAge: 604800000,
    httpOnly: true
  },
  flash: {},
  passport: { user: User's name }
}

As you can see eventhough I'm trying to add the email key to the session, it seems not to work. Can someone help me fix this issue or even prupose a new solution

Answer 1

I would recommend looking into User.serializeUser and User.deserializeUser are affecting things. It's unclear to me why they are being passed the passport methods.

Here is an idea of a common implementation that may simplify how you are getting data and passing it to the req object.

passport.serializeUser((user, done) => {
    done(null, user.email);
});

passport.deserializeUser((email, done) => {
  // Mongoose query
  // Find matching user based on email
  const user = await User.findOne({ email }).exec();
  done(null, user);
});