Error: secret option required for sessions (espress session)

M

3

6

I always get the same error when I try to run my site on localhost with apache and self-signed ssl certificate. I have no idea why this error appears. This is my session persistence, I don't know if there is a misstake, but I can't imagine.... Further down you can finde the error.

I am quite lost at the moment with this issue

app.use(cookieParser(sessionSecret));
app.use( session( {
    store: sessionStore,
    secret: sessionSecret, resave: false, saveUninitialized: true,
    cookie: {secure: true, maxAge:24*60*60*1000},
    genid: function (req) {return uuid.v4()}
  }));
app.get('/login*', function (req, res) {console.log("login session is: "+req.session); loadSelectedFile(req, res);});

Error: secret option required for sessions
    at session (C:\xampp\htdocs\node_modules\express-session\index.js:167:12)
    at Layer.handle [as handle_request] (C:\xampp\htdocs\node_modules\express\lib\router\layer.js:95:5)
    at trim_prefix (C:\xampp\htdocs\node_modules\express\lib\router\index.js:317:13)
    at C:\xampp\htdocs\node_modules\express\lib\router\index.js:284:7
    at Function.process_params (C:\xampp\htdocs\node_modules\express\lib\router\index.js:335:12)
    at next (C:\xampp\htdocs\node_modules\express\lib\router\index.js:275:10)
    at cookieParser (C:\xampp\htdocs\node_modules\cookie-parser\index.js:56:14)
    at Layer.handle [as handle_request] (C:\xampp\htdocs\node_modules\express\lib\router\layer.js:95:5)
    at trim_prefix (C:\xampp\htdocs\node_modules\express\lib\router\index.js:317:13)
    at C:\xampp\htdocs\node_modules\express\lib\router\index.js:284:7
    at Function.process_params (C:\xampp\htdocs\node_modules\express\lib\router\index.js:335:12)
    at next (C:\xampp\htdocs\node_modules\express\lib\router\index.js:275:10)
    at expressInit (C:\xampp\htdocs\node_modules\express\lib\middleware\init.js:40:5)
    at Layer.handle [as handle_request] (C:\xampp\htdocs\node_modules\express\lib\router\layer.js:95:5)
    at trim_prefix (C:\xampp\htdocs\node_modules\express\lib\router\index.js:317:13)
    at C:\xampp\htdocs\node_modules\express\lib\router\index.js:284:7

Maitund answered 23/4, 2018 at 17:41 Comment(6)

Is sessionSecret a string defined at the beginning of the code ? – Chemnitz 23/4, 2018 at 18:0

Hi Amir, yes there is a defined string at the beginning. I tried now several things but it just does not change. Can this issue also be related to the self signed certificate ? – Maitund 23/4, 2018 at 22:39

I dont have a lot of knowledge with SSl certificate, but based on the app I created with express and what not, this is what i have app.use(session( {secret: "String for encrypting cookies.", name: "Cookie_name", cookie: {maxAge:7 * 24 * 3600 * 1000}, proxy: true, resave: true, saveUninitialized: true })); – Chemnitz 23/4, 2018 at 22:55

I might be stating the obvious, but did u install and require express-session ? – Chemnitz 23/4, 2018 at 22:56

Hi Amir, thank you very much for your help! I double checkd the npm express-session installation and it was ok. But I did not have a session secret, it just came to my minde when I saw your example... That was great help! – Maitund 24/4, 2018 at 9:16

Glad it helped:) – Chemnitz 24/4, 2018 at 16:4

F

3

This is what helped me to resolve the error,

const app = express();
app.use(session({ secret: 'somevalue' }));

Farmhand answered 27/4, 2020 at 17:53 Comment(0)

R

0

The answer for me was that my app.js file was still using cookieSession. I commented this line out and everything works.

Yours may look something like:

app.use(cookieSession({maxAge: (24 * 60 * 60 * 1000), keys: [keys['session.cookieKey']]}));

Roseroseann answered 22/8, 2022 at 14:58 Comment(0)

B

0

Maybe your sessionSecret is not read or detected. you can directly enter the value of sessionSecret directly. example secret : "your sessionSecret"

Barbe answered 4/6, 2023 at 14:15 Comment(0)

Recommended topics

Hot tags