Sharing Redis Sessions Across Node Apps


I'm busy building a platform with 3 different subdomains - example.com, auth.example.com and api.example.com. They're run with 3 separate NodeJS apps running on different ports of the server.

Here is the code setting up the sessions:

var session = require("express-session"); var redisStore = require("connect-redis")(session); var redisClient = require("redis").createClient(config.redis); app.use(session({ secret: config.server.secret, store: new redisStore(config.redis), client: redisClient, resave: false, saveUninitialized: false, cookie: { domain: "example.co.za", httpOnly: false } }));

The configuration is exactly the same for all 3 apps and they're sitting on the same server. For some reason, the sessions are not being shared. I seem to remember that they were being shared a few weeks back and now things are broken - I have a sneaky suspision that this happened when we moved all the traffic from HTTP to HTTPS. Would this break the sessions? I tried to turn of 'httpOnly' in case it restricted the sessions, but no luck.

I have run redid-cli MONITOR and the session is, in fact, being saved on login (Auth App) but is not being retrieved by the other app. When I turned saveUninitialized to true, the requests to save were coming from all 3 apps - this shows that they are connected to the same Redis Store.

Any help would be great.


I think this is just a cookie issue. The browser is not sending the session cookie back on your sub-domains: you need a leading . on the domain. e.g.:

cookie: { domain: ".example.co.za", httpOnly: false }

In case that doesn't work and you are having AJAX issues <a href="https://stackoverflow.com/questions/9071969/using-express-and-node-how-to-maintain-a-session-across-subdomains-hostheaders" rel="nofollow">see this post</a>


  • NodeJs retrieving value from Array show as un
  • Scan strings using nodejs in redis
  • Issues trying out example in Spark-shell
  • Express4.10 bodyParser req.body undefined
  • Is it safe to use HttpClientFactory?
  • How to download attachment from email sent to google group mail address
  • How can I set (override) all items in hash
  • Express Session not Working for Ajax Call
  • One session per user - passport JS
  • Hiding contentful Space id and access token, client side javascript file
  • NodeJs and ExpressJs Cannot Set Cookie
  • How to call a postgresql function from the JOOQ models in a select statement?
  • Body error: Implementing ngx-soap client in Angular 4
  • Java “Hello World” program running issue
  • Updating ASP.NET UpdatePanel during processing loop
  • Python Scipy: scipy.stats.spearmanr returning nans
  • Creating A New App For Page
  • Unable to generate call to cell phone using asterisk
  • Setting up ElastiCache Redis with Elastic BeanStalk + Django
  • docker-compose: connection refused between containers, but service accessible from host
  • SF2 Functional tests : “Resetting the container is not allowed when a scope is active”
  • Javascript/Jquery runs fast in desktop browsers, but slow in mobile/smartphone browsers…should I spl
  • nonblocking BIO_do_connect blocked when there is no internet connected
  • Redux Form - Not able to type anything in input
  • Get history of file changes from TFS to implement custom “blame”-behaviour of exceptions
  • Transactional Create with Validation in ServiceStack Redis Client
  • Handling un-mapped Rest path
  • How do I change content of ComboFieldEditor?
  • PHP - How to update data to MySQL when click a radio button
  • req.body is undefined - nodejs
  • How to get a value (ex: baseURL) in every Karate feature?
  • Symfony2: How to get request parameter
  • Weird JavaScript statement, what does it mean?
  • Do I've to free mysql result after storing it?
  • Akka Routing: Reply's send to router ends up as dead letters
  • Circular dependency while pushing http interceptor
  • Is there a mandatory requirement to switch app.yaml?
  • InvalidAuthenticityToken between subdomains when logging in with Rails app
  • SQL merge duplicate rows and join values that are different
  • UserPrincipal.Current returns apppool on IIS