Superfluous calls on login/logout #7
Description
I've put some console.log on login and logout and I always get a sequence of 1# get, 2# destroy, #3 set, e.g. for logout
<-- POST /api/User/logout?
getting sid SESSION:7sAWNTc02BKJE7iviPkNL7PhaqfacSDE, value: {"passport":{"user":{"_id":"5739d53fda88d2287e1f8631","username":"1234","password":null,"__v":0,"type":"User"}}}
destroying sid SESSION:7sAWNTc02BKJE7iviPkNL7PhaqfacSDE
setting sid SESSION:n-4yQqUH_q_OX9kZEhFcTlvZrmRnLDe3, value: {"passport":{}}
--> POST /api/User/logout? 200 419ms 4b
or for login:
<-- POST /api/User/login?include=user
getting sid SESSION:n-4yQqUH_q_OX9kZEhFcTlvZrmRnLDe3, value: {"passport":{}}
cb from login
destroying sid SESSION:n-4yQqUH_q_OX9kZEhFcTlvZrmRnLDe3
setting sid SESSION:n-4yQqUH_q_OX9kZEhFcTlvZrmRnLDe3, value: {"passport":{"user":{"_id":"5739d53fda88d2287e1f8631","username":"1234","password":null,"__v":0,"type":"User"}}}
--> POST /api/User/login?include=user 200 679ms 242b
Probably the logout does not need to set anything after having destroyed it, or the login does not need to destroy the session for after setting it anyway.
I think this line of code is aiming at tacking this issue, but session is not undefined, it's just the object inside the passport key, which is empty.