Can you share how req.session
is being set (where’s your passport js code)?
Is it in an app.get
call maybe? Should it be in an app.use
instead? (your graphql requests are probably post
and wouldn’t hit middleware using app.get
)
Do you have separate code blocks for adding cookie
and adding passport
to the session object? Most likely, your passport
block isn’t running for graphql requests.