The edge runtime does not support Node.js 'crypto' module

[Zeryther]

Hi, unfortunately I am failing to get next-app-session running in Next.js edge middleware:

The issue seems to be coming from cookie-signature, which uses the crypto module.

In my code, I simply called the session as recommended in the docs:

const socialLoginStep: SocialLoginStep | undefined = await session().get('socialLoginStep');

[majidkuhail]

Hi @Zeryther

Thanks for flagging this, Its seems the package cookie-signature does not have any plans on migrating to use the Web_Crypto_Api instead of the Node.js crypto module. So I will need to switch to another library to sign/encode cookie values.

For now, Since the signing of the cookie value holding the session ID is only an added level of security, its not essential for storing the SessionID in the client cookies, if you wish you can disable the encoding by setting the property secret: '', this should disable the signing process and hopefully get rid of that error. or maybe not?! it worth testing.

I'll schedule some time to migrate to another signature library that supports edge, and also possibly expose the encode/decode functions as session properties to allow for custom implementation.

[asaadam]

Hi already using secret: '', but somehow the issue still there