Jared Hanson

I'll add it during the next round of updates.

Yeah, what's the package name?

What are you using for session middleware?

Thanks for the report. This is a duplicate of #904. I'd recommend pinning to 0.5.x, until I've had a chance to release an update with the new features described on...

Have you used debugging tools to verify that cookies are getting set and transmitted in HTTP requests as expected? Any details as to network traffic would be helpful.

I'm not familiar with the implementation of the `jwt` strategy, but your JWT has an `expiresIn`, where the standard mandates an `exp` claim. This may be causing issues.

I think the problem is in how you are generating the JWT. ``` return jwt.sign({ ...payload, expiresIn: 2 * 60 * 60 }, secretOrKey); ``` Expires in should be an...

No. If you use the custom callback, you have to send the response and call end Sent from my iPhone > On May 1, 2014, at 7:30 PM, Esen Sagynov...

Remove the callback. Use it as normal middleware like intended Sent from my iPhone > On May 1, 2014, at 9:49 PM, Esen Sagynov [email protected] wrote: > > Imagine I...

You are making the problem too hard. The custom callback is not the problem here. Use of client-password and bearer should occur in distinct routes, where there is no ambiguity...