I'm trying to get client-sessions to work on Ubuntu. However, whenever I run nodejs app.js I get this error. I'm trying to figure out what's going on but I can't find what's going on. I read the client-sessions information on their NPM/Github sites but I can't figure out what's going on. Can anyone help me or lead me to the right place?
The entire error:
/home/tom/cookiestut/node_modules/client-sessions/lib/client-sessions.js:548 throw new Error("cannot set up sessions without a secret "+ ^ Error: cannot set up sessions without a secret or encryptionKey/signatureKey pair at clientSessionFactory (/home/tom/cookiestut/node_modules/client-sessions/lib/client-sessions.js:548:11) at Object.<anonymous> (/home/tom/cookiestut/app.js:34:9) at Module._compile (internal/modules/cjs/loader.js:654:30) at Object.Module._extensions..js (internal/modules/cjs/loader.js:665:10) at Module.load (internal/modules/cjs/loader.js:566:32) at tryModuleLoad (internal/modules/cjs/loader.js:506:12) at Function.Module._load (internal/modules/cjs/loader.js:498:3) at Function.Module.runMain (internal/modules/cjs/loader.js:695:10) at startup (internal/bootstrap/node.js:201:19) at bootstrapNodeJSCore (internal/bootstrap/node.js:516:3) 2 Answers
Answers 1
To use client-sessions you must set either secret or both encryptionKey and signatureKey, as recommended in the documentation
https://www.npmjs.com/package/client-sessions#usage
var sessions = require("client-sessions"); app.use(sessions({ cookieName: 'mySession', // cookie name dictates the key name added to the request object secret: 'blargadeeblargblarg', // should be a large unguessable string duration: 24 * 60 * 60 * 1000, // how long the session will stay valid in ms activeDuration: 1000 * 60 * 5 // if expiresIn < activeDuration, the session will be extended by activeDuration milliseconds })); app.use(function(req, res, next) { if (req.mySession.seenyou) { res.setHeader('X-Seen-You', 'true'); } else { // setting a property will automatically cause a Set-Cookie response // to be sent req.mySession.seenyou = true; res.setHeader('X-Seen-You', 'false'); } }); The code of lib/client-sessions.js checks that secrets or two keys are initialized in clientSessionFactory method:
if (!(opts.secret || (opts.encryptionKey && opts.signatureKey))) { throw new Error("cannot set up sessions without a secret "+ "or encryptionKey/signatureKey pair"); } https://hacks.mozilla.org/2012/12/using-secure-client-side-sessions-to-build-simple-and-scalable-node-js-applications-a-node-js-holiday-season-part-3/ page says how to set secret - by using some long random string (for example, combine several strings from the site random.org):
app.use(clientSessions({ secret: '0GBlJZ9EKBt2Zbi2flRPvztczCewBxXK' // set this to a long random string! })); Answers 2
I think the error you're getting it's self-explanatory. If you follow the stack trace you can see that in the following path and line:
/home/tom/cookiestut/app.js:34:9 you're missing to set up the secret to your cookie session configuration. Probably you have it configured as an environment variable and you forgot to define it.
Add a secret manually to the cookie set up
0 comments:
Post a Comment