open-source-labs/dbSpy

Error: secret option required for sessions when running dbspy service

vialcollet opened this issue ยท 0 comments

vialcollet commented

Description

I've encountered an issue when trying to upload an SQL file to the dbspy service. The following error appears in the logs:

[09:53:35.000] INFO: Securely Running at 3000
dbspy-dbspy-1     | Error: secret option required for sessions
dbspy-dbspy-1     |     at session (/usr/src/app/node_modules/express-session/index.js:200:12)
dbspy-dbspy-1     |     at Layer.handle [as handle_request] (/usr/src/app/node_modules/express/lib/router/layer.js:95:5)
dbspy-dbspy-1     |     at trim_prefix (/usr/src/app/node_modules/express/lib/router/index.js:328:13)
dbspy-dbspy-1     |     at /usr/src/app/node_modules/express/lib/router/index.js:286:9
dbspy-dbspy-1     |     at Function.process_params (/usr/src/app/node_modules/express/lib/router/index.js:346:12)
dbspy-dbspy-1     |     at next (/usr/src/app/node_modules/express/lib/router/index.js:280:10)
dbspy-dbspy-1     |     at SendStream.error (/usr/src/app/node_modules/serve-static/index.js:121:7)
dbspy-dbspy-1     |     at SendStream.emit (node:events:520:28)
dbspy-dbspy-1     |     at SendStream.emit (node:domain:488:12)
dbspy-dbspy-1     |     at SendStream.error (/usr/src/app/node_modules/send/index.js:270:17)

Reproduction

Steps to Reproduce:

  1. Pull the latest code from the repository.
  2. Build the Docker image using the provided Dockerfile that I adjusted as shown below
  3. Start the Docker container using docker-compose provided below.
  4. Try to upload an SQL file to the dbspy service.

Expected Behavior:
The SQL file should be uploaded successfully without any errors.

Actual Behavior:
The service logs an error indicating that the secret option is required for session management.

System information

System:

  • OS: Linux 6.2 Debian GNU/Linux 12 (bookworm) 12 (bookworm)
  • CPU: (2) x64 Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
  • Memory: 926.69 MB / 3.76 GB
  • Container: Yes
  • Shell: 5.2.15 - /bin/bash

Binaries:

  • Node: 22.2.0 - /usr/local/bin/node
  • Yarn: 1.22.19 - /usr/local/bin/yarn
  • npm: 10.7.0 - /usr/local/bin/npm

Additional information

Below is the current Dockerfile and docker-compose.yml used:

Dockerfile:

FROM node:latest

WORKDIR /usr/src/app

RUN apt-get update && apt-get install -y libnss3-tools wget && \
    wget https://dl.filippo.io/mkcert/latest?for=linux/amd64 -O /usr/local/bin/mkcert && \
    chmod +x /usr/local/bin/mkcert && \
    mkcert -install

COPY . /usr/src/app

RUN npm ci && npm cache clean --force && npm run build 
RUN npm run cert:linux

EXPOSE 3000

ENTRYPOINT ["npm", "run", "start"]

docker-compose.yml:

version: "3.8"

services:
  dbspy:
    build: .
    depends_on:
      - dbspy_db
    restart: unless-stopped
    networks:
      - backend
      - webproxy

  dbspy_db:
    image: mariadb:latest
    environment:
      MYSQL_ROOT_PASSWORD: ${ROOT_PWD}
      MYSQL_DATABASE: ${MYSQL_DATABASE}
      MYSQL_USER: ${USER_DB_USER}
      MYSQL_PASSWORD: ${USER_DB_PW}
    networks:
      - backend
    restart: unless-stopped
    volumes:
      - data:/var/lib/mysql

networks: 
  webproxy:
    name: webproxy
    external: true
  backend:

volumes:  
  data:

.env file

# production environment variables
USER_DB_URL = dbspy_db
USER_DB_USER = dbspy
USER_DB_PW = xxxxxxxxxxxxxxxxx
TOKEN_KEY = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ROOT_PWD = xxxxxxxxxxxxxxxxxxxx
MYSQL_DATABASE = test
# testing environment variables
## encoded SSL data required for GitHub Actions
SSL_KEY = <base64 encoded SSL key (see SSL Configuration)>
SSL_CERT = <base64 encoded SSL cert>
## MySQL and Postgres databases to test remote connection functionality
MYSQL_TEST_URL = <MySQL url for a test database>
MYSQL_TEST_USERNAME = <user string from MYSQL_TEST_URL>
MYSQL_TEST_PW = <password string from MYSQL_TEST_URL>
PG_TEST_URL = <PostgreSQL url for a test database>
PG_TEST_USERNAME = <user string from PG_TEST_URL>
PG_TEST_PW = <password string from PG_TEST_URL>
## test user with saved schema to test save/load functionality
TEST_USER_EMAIL = <email string>
TEST_USER_PW = <password string>

GOOGLE_OAUTH_CLIENT_ID = <Google Oauth client id>
GOOGLE_OAUTH_CLIENT_SECRET= <Google Oauth client id>
GOOGLE_OAUTH_REDIRECT_URI = 'http://localhost:8080/display'

GITHUB_OAUTH_CLIENT_ID = <Github Oauth client id>
GITHUB_OAUTH_CLIENT_SECRET= <Github Oauth client id>
GITHUB_OAUTH_REDIRECT_URI = 'http://localhost:8080/display'

๐Ÿ‘จโ€๐Ÿ‘งโ€๐Ÿ‘ฆ Contributing

  • ๐Ÿ™‹โ€โ™‚๏ธ Yes, I'd love to make a PR to fix this bug!