Categories
csrf express javascript node.js

Error: misconfigured csrf – Express JS 4

I am trying to enable the csrf module of Express 4 in an existing application.

I have added the following code:

var csrf = require('csurf')
...
app.use(csrf());

I have started my application and I get:

Error: misconfigured csrf

and a stack trace. Nothing else.

I have checked the documentation, but it is unclear. Can someone help? What is the minimum configuration required to use this module?

I have found the solution. The call to app.use(csrf()) must be set after app.use(cookieParser()) AND app.use(session({...}).