【问题标题】:Error: cannot set up sessions without a secret or encryptionKey/signatureKey pair错误:无法设置没有秘密或加密密钥/签名密钥对的会话
【发布时间】:2018-04-11 17:39:25
【问题描述】:

我正在尝试让客户端会话在 Ubuntu 上运行。但是,每当我运行 nodejs app.js 时,我都会收到此错误。我试图弄清楚发生了什么,但我找不到发生了什么。我在他们的 NPM/Github 网站上阅读了客户端会话信息,但我不知道发生了什么。谁能帮助我或带我到正确的地方?

整个错误:

/home/tom/cookiestut/node_modules/client-sessions/lib/client-sessions.js:548
    throw new Error("cannot set up sessions without a secret "+
    ^

Error: cannot set up sessions without a secret or encryptionKey/signatureKey pair
    at clientSessionFactory (/home/tom/cookiestut/node_modules/client-sessions/lib/client-sessions.js:548:11)
    at Object.<anonymous> (/home/tom/cookiestut/app.js:34:9)
    at Module._compile (internal/modules/cjs/loader.js:654:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:665:10)
    at Module.load (internal/modules/cjs/loader.js:566:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:506:12)
    at Function.Module._load (internal/modules/cjs/loader.js:498:3)
    at Function.Module.runMain (internal/modules/cjs/loader.js:695:10)
    at startup (internal/bootstrap/node.js:201:19)
    at bootstrapNodeJSCore (internal/bootstrap/node.js:516:3)

【问题讨论】:

标签: node.js ubuntu


【解决方案1】:

要使用client-sessions,您必须将secretencryptionKeysignatureKey 都设置为recommended in the documentation

https://www.npmjs.com/package/client-sessions#usage

var sessions = require("client-sessions");
app.use(sessions({
  cookieName: 'mySession', // cookie name dictates the key name added to the request object 
  secret: 'blargadeeblargblarg', // should be a large unguessable string 
  duration: 24 * 60 * 60 * 1000, // how long the session will stay valid in ms 
  activeDuration: 1000 * 60 * 5 // if expiresIn < activeDuration, the session will be extended by activeDuration milliseconds 
}));

app.use(function(req, res, next) {
  if (req.mySession.seenyou) {
    res.setHeader('X-Seen-You', 'true');
  } else {
    // setting a property will automatically cause a Set-Cookie response 
    // to be sent 
    req.mySession.seenyou = true;
    res.setHeader('X-Seen-You', 'false');
  }
});

code of lib/client-sessions.js 检查秘密或两个密钥是否在 clientSessionFactory 方法中初始化:

https://github.com/mozilla/node-client-sessions/blob/d0c20af3b0ed7750c68d3ae67819dfe203fa3d60/lib/client-sessions.js#L542

  if (!(opts.secret || (opts.encryptionKey && opts.signatureKey))) {
    throw new Error("cannot set up sessions without a secret "+
                    "or encryptionKey/signatureKey pair");
  }

https://hacks.mozilla.org/2012/12/using-secure-client-side-sessions-to-build-simple-and-scalable-node-js-applications-a-node-js-holiday-season-part-3/ 页面说明如何设置secret - 通过使用一些长的随机字符串(for example, combine several strings from the site random.org):

app.use(clientSessions({
  secret: '0GBlJZ9EKBt2Zbi2flRPvztczCewBxXK' // set this to a long random string!
}));

【讨论】:

    【解决方案2】:

    我认为您遇到的错误是不言自明的。如果您遵循堆栈跟踪,您可以在以下路径和行中看到:

    /home/tom/cookiestut/app.js:34:9 您缺少设置 cookie 会话配置的密码。可能您已将其配置为环境变量,但您忘记定义它。

    在 cookie 设置中手动添加一个秘密

    【讨论】:

      猜你喜欢
      • 2016-09-10
      • 1970-01-01
      • 2016-03-12
      • 1970-01-01
      • 2013-12-25
      • 2014-05-31
      • 2022-12-03
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多