diff --git a/src/index.ts b/src/index.ts
index 4b92a70..fa7e51a 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -85,16 +85,7 @@ export function csrf(opts: CSRFOptions = {}) {
     let token: string
 
     req.csrfToken = (): string => {
-      let newSecret = !options.cookie ? getSecret(req, options.sessionKey, options.cookie, options.middleware) : secret
-
-      if (token && newSecret === secret) {
-        return token
-      }
-
-      if (newSecret === undefined) {
-        newSecret = tokens.secret()
-        setSecret(req, res, options.sessionKey, newSecret, options.cookie, options.middleware)
-      }
+      const newSecret = !options.cookie ? getSecret(req, options.sessionKey, options.cookie, options.middleware) : secret
 
       token = tokens.create(newSecret)
       return token
@@ -136,10 +127,6 @@ function verifyConfiguration(
     return false
   }
 
-  if (middleware !== 'session' && middleware !== 'cookie') {
-    return false
-  }
-
   if (cookie?.signed && !req?.secret) {
     return false
   }