Express Error: connect.cookieParser("secret") required for security when using sessions

注意到了嗎?最近expressjs升版了,目前版本是Express 3.0.0 Alpha1

# npm list express
npm WARN ls doesn't take positional args. Try the 'search' command
/root
├── ejs@0.7.1 
├─┬ express@3.0.0alpha1 
│ ├── commander@0.5.2 
│ ├─┬ connect@2.1.2 
│ │ ├── crc@0.1.0 
....
  │ └── semver@1.0.13 
  ├── sprintf@0.1.1 
  └─┬ ssh-agent@0.1.0 
    └── ctype@0.5.0 

但是使用了新的版本,執行上卻出現不明的Exception...
仔細檢查與舊版本間的差異...發現2.x跟3.x的版本有不少地方不一樣
直覺下做了幾個測試:

1. 2.x執行3.x所產生程式碼....無法執行,3.x的一些宣告2.x不認得,應該是function有做過修改...
# node app.js 
node.js:201
        throw e; // process.nextTick error, or 'error' event on first tick
              ^
TypeError: object is not a function
    at Object.CALL_NON_FUNCTION (native)
    at Object.<anonymous> (/root/TestPrj2/app.js:10:11)
    at Module._compile (module.js:441:26)
    at Object..js (module.js:459:10)
    at Module.load (module.js:348:31)
    at Function._load (module.js:308:12)
    at Array.0 (module.js:479:10)
    at EventEmitter._tickCallback (node.js:192:40)
2. 3.x執行2.x所產生程式碼....無法執行,有下面exception...判斷是某些物件欄位修改了...
# node app.js 
node.js:201
        throw e; // process.nextTick error, or 'error' event on first tick
              ^
TypeError: Object function app(req, res){ app.handle(req, res); } has no method 'address'
    at Server.<anonymous> (/tmp/T1/app.js:40:69)
    at Server.g (events.js:156:14)
    at Server.emit (events.js:64:17)
    at Array.0 (net.js:777:10)
    at EventEmitter._tickCallback (node.js:192:40)
3. 3.x執行session設定....無法執行,這個我還沒找出來3.x怎麼設定session而不會有錯誤@@
# node app.js 
Error: connect.cookieParser("secret") required for security when using sessions
    at Object.session [as handle] (/tmp/T1/node_modules/express/node_modules/connect/lib/middleware/session.js:212:28)
    at next (/tmp/T1/node_modules/express/node_modules/connect/lib/proto.js:191:15)
    at Object.cookieParser [as handle] (/tmp/T1/node_modules/express/node_modules/connect/lib/middleware/cookieParser.js:60:5)
    at next (/tmp/T1/node_modules/express/node_modules/connect/lib/proto.js:191:15)
    at multipart (/tmp/T1/node_modules/express/node_modules/connect/lib/middleware/multipart.js:45:61)
    at /tmp/T1/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:57:9
    at urlencoded (/tmp/T1/node_modules/express/node_modules/connect/lib/middleware/urlencoded.js:34:72)
    at /tmp/T1/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:55:7
    at json (/tmp/T1/node_modules/express/node_modules/connect/lib/middleware/json.js:41:55)
    at Object.bodyParser [as handle] (/tmp/T1/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:53:5)


下面是我遇到的問題....在把jade改成ejs時候還OK,但是設定session部分就會有錯誤:

使用3.0產生之原始碼:

/**
 * Module dependencies.
 */
var express = require('express')
  , routes = require('./routes')
  , http = require('http');
var app = express();
app.configure(function(){
  app.set('views', __dirname + '/views');
  app.set('view engine', 'jade');
  app.use(express.favicon());
  app.use(express.logger('dev'));
  app.use(express.static(__dirname + '/public'));
  app.use(express.bodyParser());
  app.use(express.methodOverride());
  app.use(app.router);
});
app.configure('development', function(){
  app.use(express.errorHandler());
});
app.get('/', routes.index);
http.createServer(app).listen(3000);
console.log("Express server listening on port 3000");

修改成使用ejs做view presentation

/**
 * Module dependencies.
 */
var express = require('express')
  , routes = require('./routes')
  , http = require('http');
var app = express();
app.configure(function(){
    app.set('views', __dirname + '/views');
    app.set('view engine', 'ejs');
    app.use(express.bodyParser());
    app.use(express.cookieParser());
    app.use(express.session({ secret: "keyboard cat" }));
    app.use(express.methodOverride());
    app.use(app.router);
    app.use(express.static(__dirname + '/public'));
    app.set("view options", {layout : false});
})
app.get('/', function(req, res){
    res.render('index', {
      title: 'I am Benson'
    });
});
http.createServer(app).listen(3000);
console.log("Express server listening on port 3000");
比對一下2.x產生的程式碼:
/**
 * Module dependencies.
 */
var express = require('express')
  , routes = require('./routes');
var app = module.exports = express.createServer();
// Configuration
app.configure(function(){
  app.set('views', __dirname + '/views');
  app.set('view engine', 'jade');
  app.use(express.bodyParser());
  app.use(express.methodOverride());
  app.use(app.router);
  app.use(express.static(__dirname + '/public'));
});
app.configure('development', function(){
  app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
});
app.configure('production', function(){
  app.use(express.errorHandler());
});
// Routes
app.get('/', routes.index);
app.listen(3000, function(){
  console.log("Express server listening on port %d in %s mode", app.address().port, app.settings.env);
});

2與3的差異部分大致上是紅色部分

而3.x在加上了session設定後執行錯誤如下:
[root@bensonS64PLUS1 ~/TestPrj]# node app.js                                                                                                                                                              
Express server listening on port 3000
Error: connect.cookieParser("secret") required for security when using sessions
    at Object.session [as handle] (/root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/session.js:212:28)
    at next (/root/TestPrj/node_modules/express/node_modules/connect/lib/proto.js:191:15)
    at Object.cookieParser [as handle] (/root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/cookieParser.js:60:5)
    at next (/root/TestPrj/node_modules/express/node_modules/connect/lib/proto.js:191:15)
    at multipart (/root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/multipart.js:45:61)
    at /root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:57:9
    at urlencoded (/root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/urlencoded.js:34:72)
    at /root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:55:7
    at json (/root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/json.js:41:55)
    at Object.bodyParser [as handle] (/root/TestPrj/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:53:5)

目前還未找到session如何使用2.x的寫法,暫時可以解決的方法如下:
1. 取消"app.use(express.session({ secret: "keyboard cat" }));"
2. 降版express:
$ npm uninstall express
$ npm uninstall express -gd
$ npm install express@2.5.9
$ npm install express@2.5.9 -gd
如果採用將版的選擇
請不要忘記修改專案package的定義
# vi package.json 
{
    "name": "application-name"
  , "version": "0.0.1"
  , "private": true
  , "dependencies": {
      "express": "2.5.8"
    , "jade": ">= 0.0.1"
  }
}

附註:
express 3.0的產生的原始碼於2.*是不能用的,專案需要重新產生
或是修改幾個部分:
1. 修改express宣告:
var app = express(); //3.0
修改為
var app = module.exports = express.createServer();
2. 修改http server建立宣告
http.createServer(app).listen(3000); //3.0
修改為
app.listen(3000, function(){
  console.log("Express server listening on port %d in %s mode", app.address().port, app.settings.env);
});


附註:
確認您的express版本
# npm list express
npm WARN ls doesn't take positional args. Try the 'search' command
application-name@0.0.1 /tmp/T1
├── ejs@0.7.1  extraneous
├─┬ express@2.5.8 
│ ├─┬ connect@1.8.7 
│ │ └── formidable@1.0.9 
│ ├── mime@1.2.4 
│ ├── mkdirp@0.3.0 
│ └── qs@0.4.2 
└─┬ jade@0.25.0 
  ├── commander@0.5.2 
  └── mkdirp@0.3.0 








這個網誌中的熱門文章

Bash判斷參數是否存在

Node.js package : forever