I am trying to enable the csrf module of Express 4 in an existing application.
I have added the following code:
var csrf = require('csurf')
...
app.use(csrf());
I have started my application and I get:
Error: misconfigured csrf
and a stack trace. Nothing else.
I have checked the documentation, but it is unclear. Can someone help? What is the minimum configuration required to use this module?
I have found the solution. The call to app.use(csrf())
must be set after app.use(cookieParser())
AND app.use(session({...})
.
If you're using Redis as a session store and the server isn't running, you will also get a misconfigured error.
https://github.com/expressjs/csurf/issues/73
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With