Is it possible to read the php session cookie via node.js?

Question

Since PHP sessions are basically cookies, and I am using them to authenticate logged in users (I know, I should move to tokens), is it possible to read the session cookie on my node app? (I want to create a simple chat that gets the logged in username from the PHP session, and on the way allow only logged in users to use the chat)

What would then be the preferred way to do that? (In terms of security as well)

**Edit: I am trying to get something sort of the node equivalent of this in PHP:

if(!isset($_SESSION['user_id']){
   //don't allow access to the chat page
} else {
   //show chat for logged user
}

Answer 1

A cookie is not language specific so if the cookie is there, you could certainly read it with node.js.

BUT, the browser only sends cookies to the server that they are associated with. So, if your PHP server is not part of the same sub-domain as the node.js server and the cookies are configured to allow sharing with sub-domains, then the browser won't send the PHP cookie to your node.js server.

To read cookies with Express, you can use the cookie-parser module . Samples for how to use it are in the doc. After installing the cookie-parser middleware, you would end up referencing:

req.cookie

to access that same cookie. To manage sessions using Express and node.js and keep track of server-side session state, one would typically use the express-session module .