This is my current working system of setting up a session for a user. I get the database entry and then remove all the extra sequelize functions by using toJSON. Then I delete the keys that I don't want in the sessions database.
I then tack it onto the session. I would love it if every time I call render, the user session is available automatically for things like showing login/logout buttons and user specific information.
router.post('/login', async function(req, res, next) {
let user = await db.User.findOne({ where: { username: req.body.username } });
user = user.toJSON();
delete user.password;
delete user.createdAt;
delete user.updatedAt;
req.session.user = { ...user };
req.session.user.loggedIn = true;
}