Because the session middleware is installed early in the express middleware chain, it's processing API routes as well storing data and returning an unnecessary Set-Cookie: connect.sid=s%3A3JEvckAEIve7D6-YstnTdW4tkskLZsta.A3%2FIplgQJ7R6o2jdZp0lT5EcxpLKuDHjQG0g1c%2BzsIU; Path=/; Expires=Fri, 04 Sep 2020 22:24:01 GMT; HttpOnly; SameSite=Strict header.
It should be moved to only process the view routes that leverage session authentication.
Because the session middleware is installed early in the express middleware chain, it's processing API routes as well storing data and returning an unnecessary
Set-Cookie: connect.sid=s%3A3JEvckAEIve7D6-YstnTdW4tkskLZsta.A3%2FIplgQJ7R6o2jdZp0lT5EcxpLKuDHjQG0g1c%2BzsIU; Path=/; Expires=Fri, 04 Sep 2020 22:24:01 GMT; HttpOnly; SameSite=Strictheader.It should be moved to only process the view routes that leverage session authentication.