5

I always get the same error when I try to run my site on localhost with apache and self-signed ssl certificate. I have no idea why this error appears. This is my session persistence, I don't know if there is a misstake, but I can't imagine.... Further down you can finde the error.

I am quite lost at the moment with this issue 

app.use(cookieParser(sessionSecret));
app.use( session( {
    store: sessionStore,
    secret: sessionSecret, resave: false, saveUninitialized: true,
    cookie: {secure: true, maxAge:24*60*60*1000},
    genid: function (req) {return uuid.v4()}
  }));
app.get('/login*', function (req, res) {console.log("login session is: "+req.session); loadSelectedFile(req, res);});

Error: secret option required for sessions
    at session (C:\xampp\htdocs\node_modules\express-session\index.js:167:12)
    at Layer.handle [as handle_request] (C:\xampp\htdocs\node_modules\express\lib\router\layer.js:95:5)
    at trim_prefix (C:\xampp\htdocs\node_modules\express\lib\router\index.js:317:13)
    at C:\xampp\htdocs\node_modules\express\lib\router\index.js:284:7
    at Function.process_params (C:\xampp\htdocs\node_modules\express\lib\router\index.js:335:12)
    at next (C:\xampp\htdocs\node_modules\express\lib\router\index.js:275:10)
    at cookieParser (C:\xampp\htdocs\node_modules\cookie-parser\index.js:56:14)
    at Layer.handle [as handle_request] (C:\xampp\htdocs\node_modules\express\lib\router\layer.js:95:5)
    at trim_prefix (C:\xampp\htdocs\node_modules\express\lib\router\index.js:317:13)
    at C:\xampp\htdocs\node_modules\express\lib\router\index.js:284:7
    at Function.process_params (C:\xampp\htdocs\node_modules\express\lib\router\index.js:335:12)
    at next (C:\xampp\htdocs\node_modules\express\lib\router\index.js:275:10)
    at expressInit (C:\xampp\htdocs\node_modules\express\lib\middleware\init.js:40:5)
    at Layer.handle [as handle_request] (C:\xampp\htdocs\node_modules\express\lib\router\layer.js:95:5)
    at trim_prefix (C:\xampp\htdocs\node_modules\express\lib\router\index.js:317:13)
    at C:\xampp\htdocs\node_modules\express\lib\router\index.js:284:7
Daniel Dalan
  • 101
  • 1
  • 2
  • 11
  • Is sessionSecret a string defined at the beginning of the code ? – AmirHossein Rd Apr 23 '18 at 18:00
  • Hi Amir, yes there is a defined string at the beginning. I tried now several things but it just does not change. Can this issue also be related to the self signed certificate ? – Daniel Dalan Apr 23 '18 at 22:39
  • I dont have a lot of knowledge with SSl certificate, but based on the app I created with express and what not, this is what i have app.use(session( {secret: "String for encrypting cookies.", name: "Cookie_name", cookie: {maxAge:7 * 24 * 3600 * 1000}, proxy: true, resave: true, saveUninitialized: true })); – AmirHossein Rd Apr 23 '18 at 22:55
  • I might be stating the obvious, but did u install and require express-session ? – AmirHossein Rd Apr 23 '18 at 22:56
  • Hi Amir, thank you very much for your help! I double checkd the npm express-session installation and it was ok. But I did not have a session secret, it just came to my minde when I saw your example... That was great help! – Daniel Dalan Apr 24 '18 at 09:16
  • Glad it helped:) – AmirHossein Rd Apr 24 '18 at 16:04

3 Answers3

3

This is what helped me to resolve the error, 

const app = express();
app.use(session({ secret: 'somevalue' }));
Piotr Labunski
  • 1,638
  • 4
  • 19
  • 26
santosh shetty
  • 31
  • 3
0

The answer for me was that my app.js file was still using cookieSession. I commented this line out and everything works.

Yours may look something like:

app.use(cookieSession({maxAge: (24 * 60 * 60 * 1000), keys: [keys['session.cookieKey']]}));
Nick
  • 466
  • 1
  • 6
  • 12
0

Maybe your sessionSecret is not read or detected. you can directly enter the value of sessionSecret directly. example secret : "your sessionSecret"

Kevin_Siregar
  • 1
  • 1