[Advanced Node and Express/Implement the Serialization of a Passport User] Error: express-session deprecated req.secret; provide secret option server.js

Tell us what’s happening:

My code throws me an error and I couldn’t pass the part of ‘Database connection should be present’. There are some things I guess that may cause the error. However, I still couldn’t figure out the problem and solve it. I would appreciate any help. Thanks!

express-session deprecated req.secret; provide secret option server.js:18:9
TypeError: Cannot read property 'split' of null
    at parseSrvConnectionString (/home/runner/boilerplate-advancednode/node_modules/mongodb/lib/core/uri_parser.js:44:23)
    at parseConnectionString (/home/runner/boilerplate-advancednode/node_modules/mongodb/lib/core/uri_parser.js:587:12)

(1) MONGO_URL

I couldn’t add or find .env file, so I used Secrets (Environment variables) to create const mySecret in connection.js file.

  • key: MONGO_URL
  • value: ‘mongodb+srv://[ID]:[PW]@cluster0.6hk0t.mongodb.net/myFirstDatabase?retryWrites=true&w=majority’
const mySecret = process.env['MONGO_URL']

async function main(callback) {
    const URI = mySecret; 
    ...

(2) TypeError: Cannot read property ‘split’ of null
I tried to change null to “” in the following code.

  passport.serializeUser((user, done) => {
    done(null, user._id);
  });
  passport.deserializeUser( (id, done) => {
    myDataBase.findOne({ _id: new ObjectID(id) }, (err, doc) => {
      done("", doc);
    });
  });

(3) Error: secret option required for sessions
I guess it tells an error on here, but I am not sure what needs to be done.

app.use(session({
  secret: process.env.SESSION_SECRET,
  resave: true,
  saveUninitialized: true,
  cookie: { secure: false }
}));

Your code so far

Here is the link to my replit.

Your browser information:

User Agent is: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.164 Safari/537.36

Challenge: Implement the Serialization of a Passport User

Link to the challenge:

Try removing the quotes around the connection string.

1 Like

Thank you, but still the same.

[not working] Tried to remove the quotes around the url.

‘mongodb+srv://[ID]:[PW]@cluster0.6hk0t.mongodb.net/myFirstDatabase?retryWrites=true&w=majority’

[not working] Tried to remove the quotes around the ‘MONGO_URL’ .

const mySecret = process.env['MONGO_URL']

[not working] Tried to just use process.env.MONGO_URL aftre declaring using Secrets.

async function main(callback) {
    const URI = process.env.MONGO_URL; 
    const client = new MongoClient(URI, { useNewUrlParser: true, useUnifiedTopology: true });```

Are you saying you are still getting the error message Cannot read property 'split' of null?

Because as far as I know, that happens when the connection string is inside quotes (example).

Oh, that one is solved. Thanks.

Sorry, I only checked whether it passed the ‘Database connection should be present…’

Current my console shows

express-session deprecated req.secret; provide secret option server.js:18:9
18   app.use(session({
19     secret: process.env.SESSION_SECRET,
20     resave: true,
21     saveUninitialized: true,
22     cookie: { secure: false }
23   }));

Did you add the SESSION_SECRET key and value to your Secrets environment variables?

1 Like

I wasn’t sure even after reading this .

One should add a secret while creating an instance of express-session in middleware.

And didn’t try to create key - value until you asked me to do. There was nothing to lose to try and see, but I still didn’t do that… :woman_facepalming:t2:

Thank you for your help!!!

For someone who may account for the same problem, here is a summary:

** There is no more .env file in replit, so I had to create MONGO_URL in connection.js and SESSION_SECRET in server.js using :lock: Secrets (Environment variables).

(1) MONGO_URL

  • key: MONGO_URL
  • value: (sample) mongodb+srv://[ID]:[PW]@cluster0.6hk0t.mongodb.net/myFirstDatabase?retryWrites=true&w=majority

(2) SESSION_SECRET

  • key: SESSION_SECRET
  • value: [anything, but not in the quotes?]

[ server.js ]

const mySecret = process.env['SESSION_SECRET'];

app.use(session({
  secret: mySecret,
  resave: true,
  saveUninitialized: true,
  cookie: { secure: false }
}));

[connection.js]

const mySecret = process.env['MONGO_URL'];

async function main(callback) {
    const URI = mySecret; // Declare MONGO_URI in your .env file
    const client = new MongoClient(URI, { useNewUrlParser: true, useUnifiedTopology: true });