I have installed a NPM by the name of cookie-session v2.0 which I want to use to transport a JWT to a client browser with HTTPS protocol. However when I want to set the secure option to true according to the documentation of https://www.npmjs.com/package/cookie-session, I receive an error which indicates the following:
Argument of type '{ signed: false; secure: any; }' is not assignable to parameter of type '{ httpOnly?: boolean; keys?: any[]; name?: string; overwrite?: boolean; secret?: string; signed?: boolean; }'.
Object literal may only specify known properties, but 'secure' does not exist in type '{ httpOnly?: boolean; keys?: any[]; name?: string; overwrite?: boolean; secret?: string; signed?: boolean; }'. Did you mean to write 'secret'?
and if I hover over cookieSession, I can see clearly that there is no such property assigned according the documentation.
(alias) cookieSession(options?: {
httpOnly?: boolean;
keys?: any[];
name?: string;
overwrite?: boolean;
secret?: string;
signed?: boolean;
}): Function
import cookieSession
This is my code so far in my expressApp file:
const express = require("express");
const cookieSession = require("cookie-session");
const cors = require("cors");
const { errorHandler } = require("./middleware");
const { NotFoundError } = require("./errors");
const routers = require("./routes");
const expressApp = function async(app) {
app.set("trust proxy", true);
app.use(express.json());
app.use(
cookieSession({
signed: false,
})
);
app.use(express.urlencoded({ extended: true, limit: "1mb" }));
app.use(cors());
app.use("/api/v1", routers);
app.all("*", async (req, res) => {
throw new NotFoundError();
});
app.use(errorHandler);
};
module.exports = expressApp;
How can I fix this issue so I can set the secure option to true?
Thank you very much in advanced!
CodePudding user response:
As per documentation you linked
Cookie Options - Other options are passed to
cookies.get()
andcookies.set()
allowing you to control security, domain, path, and signing among other settings.
You cannot set cookies to be secure while you are creating the cookieSession
in app.use
but you can set it when you setting or getting the cookie in your route.
cookies.set({ secure: true });
Check this answer out on how to send secure cookie in expressjs