I am using passportJS which uses express-session Now to store sessions on production we need to create session store and this session store can easily be replaced with redis cache or some other store. I have one question by introducing session store using redis or some other store will it become single point of failure in application? Note: express-session is used not JWT tokens for authentication/authorization

You could deploy a multi node redis cluster to provide some redundancy. Most cloud providers offer managed redis services which will make the setup easy for you. Any dependency can be a point of failure, including your DB, Cache, Message Brokers, etc. If the service is extremely critical, you should have circuit breakers, fallbacks, etc. In most usecases, it might be an overkill, so design as per your risk appetite.

@glamorous-mouse-696 After discussing with lot of developers on Reactiflux discord channel I went with passportJS which uses express-session. Most of the folks on discord channel did not recommended JWT authentication. Session is better compared to JWT. I can share few links which were shared on that discord channel when the discussion was happening. http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/   https://gist.github.com/samsch/0d1f3d3b4745d778f78b230cf6061452   https://gist.github.com/joepie91/cf5fd6481a31477b12dc33af453f9a1d