Bruce Gust
asked on
My csrf token is misconfigured...what's wrong?
Here's my code:
I'm getting an error that says my csrf token is misconfigured and I don't know what to do or where to start.
Here's the whole error:
Thanks!
require("dotenv").config();
const express = require("express");
const mongoose = require("mongoose");
const csrf = require("csurf");
const bodyParser = require("body-parser");
const app = express();
const conn = process.env.CONNECTION;
const csrfProtection = csrf();
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(csrfProtection);
const loginRoutes = require("./routes/login");
const authRoutes = require("./routes/auth");
const createRoutes = require("./routes/create");
app.use((req, res, next) => {
res.locals.csrfToken = req.csrfToken();
next();
});
app.use(loginRoutes);
app.use(authRoutes);
app.use(createRoutes);
mongoose
.connect(conn)
.then(result => {
app.listen(5000);
})
.catch(err => {
console.log(err);
});
I'm getting an error that says my csrf token is misconfigured and I don't know what to do or where to start.
Here's the whole error:
Error: misconfigured csrf
at csrf (C:\wamp\www\authentication\node_modules\csurf\index.js:71:19)
at Layer.handle [as handle_request] (C:\wamp\www\authentication\node_modules\express\lib\router\layer.js:95:5)
at trim_prefix (C:\wamp\www\authentication\node_modules\express\lib\router\index.js:317:13)
at C:\wamp\www\authentication\node_modules\express\lib\router\index.js:284:7
at Function.process_params (C:\wamp\www\authentication\node_modules\express\lib\router\index.js:335:12)
at next (C:\wamp\www\authentication\node_modules\express\lib\router\index.js:275:10)
at urlencodedParser (C:\wamp\www\authentication\node_modules\body-parser\lib\types\urlencoded.js:100:7)
at Layer.handle [as handle_request] (C:\wamp\www\authentication\node_modules\express\lib\router\layer.js:95:5)
at trim_prefix (C:\wamp\www\authentication\node_modules\express\lib\router\index.js:317:13)
at C:\wamp\www\authentication\node_modules\express\lib\router\index.js:284:7
at Function.process_params (C:\wamp\www\authentication\node_modules\express\lib\router\index.js:335:12)
at next (C:\wamp\www\authentication\node_modules\express\lib\router\index.js:275:10)
at jsonParser (C:\wamp\www\authentication\node_modules\body-parser\lib\types\json.js:119:7)
at Layer.handle [as handle_request] (C:\wamp\www\authentication\node_modules\express\lib\router\layer.js:95:5)
at trim_prefix (C:\wamp\www\authentication\node_modules\express\lib\router\index.js:317:13)
at C:\wamp\www\authentication\node_modules\express\lib\router\index.js:284:7
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you welcome
ASKER
In the tutorial, it didn't really reference the NEED to be using a session dynamic, but apparently that's a crucial thing with CSRF.
Thanks!