express-session deprecated req.secret; provide secret option app.js:27:9

Question

I typed npm start to run my program but this is the comment that U received in the terminal: express-session deprecated req.secret; provide secret option app.js:27:9. I don't understand how this issue needs to be fixed. This is the code from app.js:27:9

app.use(session({
    store: new FileStore(),
    secret: process.env.SESSION_SECRET,
    resave: false,
    saveUninitialized: true,
    is_logged_in: false,
}))

Answer 1

Make sure you added the SESSION_SECRET in .env file. If yes, then in your app.js, add this

const dotenv = require('dotenv').config()

Answer 2

If you are on running on Linux server: Add environment variables here

edit /etc/environment

Add:

export SESSION_SECRET="Ssdsd@#e$#Rfe@#$d#$#"

You can check if this is correct created with:

printenv or printenv SESSION_SECRET

..and yes, and in your express:

const dotenv = require('dotenv').config() 

app.use(session({
    secret: process.env.SESSION_SECRET
});

Answer 3

If you added the SESSION_SECRET in your .env file already(SESSION_SECRET='this is my session'),then do require dotenv in your app.js file similar to the following:

const dotenv = require('dotenv').config({path:'./.env'});

mentioning path is important otherwise it's not detecting SESSION_SECRET from .env file.

Answer 4

I had this same issue and the culprit was adding the SESSION_SECRET to my .env file.

Answer 5

I was facing the same problem go checkout wether your .env and .gitignore files are in the same folder where server.js is .