title: PassportJS - Failed to find request token in session date: "2018-01-29" banner: ./images/featured-image-3.jpg published_at: "" tags: "" author: Sung M. Kim
I was working with PassportJS to authenticate to Meetup using Meetup strategy. But this error drove me insane for hours.
Error: Failed to find request token in session
I'll show you one of the causes and how to fix it.
Prerequisite
There are many good tutorials on how to set up PassportJS so I will skip on this. Refer to these tutorials on how to setup PassportJS.
- Node Hero - Node.js Authentication using Passport.js - by Gergely Nemeth (@nthgergo)
- passportjs local guide - by Shawn Wang (@swyx)
You can follow along, source code is available on GitHub (refer to README on how to run it)
Error Message
This is the full error message returned while trying to authenticate with Meetup.
| Error: Failed to find request token in session | |
| at SessionStore.get (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\passport-oauth1\lib\requesttoken\session.js:13:44) | |
| at Strategy.OAuthStrategy.authenticate (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\passport-oauth1\lib\strategy.js:214:33) | |
| at attempt (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\passport\lib\middleware\authenticate.js:361:16) | |
| at authenticate (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\passport\lib\middleware\authenticate.js:362:7) | |
| at Layer.handle [as handle_request] (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\express\lib\router\layer.js:95:5) | |
| at next (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\express\lib\router\route.js:137:13) | |
| at Route.dispatch (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\express\lib\router\route.js:112:3) | |
| at Layer.handle [as handle_request] (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\express\lib\router\layer.js:95:5) | |
| at c:\misc\sources\throwaway\blog.passportjs_error\node_modules\express\lib\router\index.js:281:22 | |
| at Function.process_params (c:\misc\sources\throwaway\blog.passportjs_error\node_modules\express\lib\router\index.js:335:12) |
Here is the video of error generated
Culprit
The error occurred due to Expression Session cookie.secure value.
| app.use( | |
| session({ | |
| secret: "some secret", | |
| resave: true, | |
| saveUninitialized: true, | |
| cookie: { | |
| secure: true | |
| } | |
| }) | |
| ); |
According to Expression Session documentation setting cookie.secure to true requires an HTTPS enabled site. But it's rarely the case that your development server is HTTPS enabled.
You could set the cookie.secure value to false while developing and set it to true for production by checking process.env.NODE_ENV.
But you can do better by setting cookie.secure value to a non-Boolean value, auto, which will automatically set to true or false depending on the security of current connection.
| app.use( | |
| session({ | |
| secret: "some secret", | |
| resave: true, | |
| saveUninitialized: true, | |
| cookie: { | |
| secure: 'auto' | |
| } | |
| }) | |
| ); |
Running the updated code
Let's update the cookie.secure value to auto and try again.
And :awyeah:
it works 🎉
Conclusion
I've only discussed one possible cause for "Error: Failed to find request token in session" error message.
There are literally dozens of causes and fixes available when you Google it.