At first, sharing your session state between your Node.js HTTP server and websockets server might seem difficult. However, if you're using Express and NowJS (or the technologies they're built on, Connect and Socket.IO, respectively), most of the work has already been done for you -- it's just a matter of connecting the right pieces together. An example follows, written in Coffeescript.
There are three parts: fixing your session store, fixing your web sockets code, and fixing your HTTP application code.
Fixing your session store
Before, for Express (or Connect), you might have something like this:
|1 2 3 4||
When instead, you want something like this:
|1 2 3 4 5||
This will allow you to access the session store directly from outside Express/Connect's callbacks.
If you look at the source for Connect's sessions here, you can see this is essentially the same as what the default behavior is. Also, if you're already using an alternative store (i.e. Redis store), the only thing you have to do is make sure you're creating a variable for the store in a scope broad enough for the relevant parts of your application.
Fixing your websockets code
This is fairly straightforward if you know where to look, but NowJS/Socket.IO automatically send a user's cookies. Here's how you use them to access the user's session:
|1 2 3 4 5||
Fixing your HTTP application code
Ha, I lied, there is no third part. You can keep accessing cookies and sessions in your application the exact same way as you were before. req.session will still be automatically populated with the user's session, retrieved from the session store.
Hope this helps someone out! It seems obvious in retrospect, but figuring out exactly how to share state is a little tricky.