res.cookie is undefined with connect 3
imrefazekas opened this issue · comments
Imre Fazekas commented
Dear All,
I just switched to connect 3 and i have an issue, hoped you can help me out.
var connect = require('connect'),
cookieParser = require('cookie-parser'),
cookieSession = require('cookie-session'),
csrf = require('csurf')
...
var app = connect()
.use( cookieParser( process.env.SEC_SESSION_PASS || global.config.server.session.hashSecret ) )
.use( cookieSession( {
name: text'.sid',
secret: 'secret',
cookie: { httpOnly: true }
} ) )
.use( csrf( { cookie: { key: 'XSRF-TOKEN', httpOnly: true } } ) )
...
And to all request I send I received this:
/.../node_modules/csurf/index.js:65
res.cookie(cookieKey, secret, cookie);
^
TypeError: undefined is not a function
at /.../node_modules/csurf/index.js:65:13
at Object.ondone (/.../node_modules/csurf/node_modules/csrf-tokens/node_modules/uid-safe/index.js:13:7)
All packages are the latest ones available in NPMJS.
Tanks in advance!
Douglas Wilson commented
Thanks. connect
3 no longer adds any patches to res
, which is why there is no res.cookie
any longer. I'll fix this module to not rely on that patch existing is all.
Imre Fazekas commented
Thanks, that would be great!
Douglas Wilson commented
Just as an update here, the integration with res.cookies
in express
is not easy to get rid of, especially with the implicit cookie signing. For now, session-based tokens should work fine, but untangling the res.cookie
dependence is still to be done.