I ran into an error with express sessions. Every request, sessions was creating a new cookie instead of authenticating the cookie that was already made. It was also saving a new session to the store on every request. I was using the options resave: false, saveunintialized: false, httpOnly: true, secure: true. I was working on a secure connection.

Well, I thought I was working on a secure connection. It turned out that the server couldn't validate the certificate, so as a fail safe instead of authenticating a cookie that was sent over an unsecure connection, it made a new one. When I put express sessions on a secure connection it didn't do this. It also didn't do this when I changed the secure option to false.