with this option passport stops trying to save data to the passport session and everything works fine the truth had to be done differently, one middleware looks to see if there is a session, if not, it creates and adds an anonymous user session to our session object, otherwise it creates a session. The second middleware checks for the correctness of userId and if it is not an anonymous user id then it launches into routes that need authorization