Last change
on this file since eed0bf8 was 6a3a178, checked in by Ema <ema_spirova@…>, 3 years ago |
initial commit
|
-
Property mode
set to
100644
|
File size:
1.2 KB
|
Line | |
---|
1 | /**
|
---|
2 | * Module dependencies.
|
---|
3 | */
|
---|
4 |
|
---|
5 | var crypto = require('crypto');
|
---|
6 |
|
---|
7 | /**
|
---|
8 | * Sign the given `val` with `secret`.
|
---|
9 | *
|
---|
10 | * @param {String} val
|
---|
11 | * @param {String} secret
|
---|
12 | * @return {String}
|
---|
13 | * @api private
|
---|
14 | */
|
---|
15 |
|
---|
16 | exports.sign = function(val, secret){
|
---|
17 | if ('string' != typeof val) throw new TypeError("Cookie value must be provided as a string.");
|
---|
18 | if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
|
---|
19 | return val + '.' + crypto
|
---|
20 | .createHmac('sha256', secret)
|
---|
21 | .update(val)
|
---|
22 | .digest('base64')
|
---|
23 | .replace(/\=+$/, '');
|
---|
24 | };
|
---|
25 |
|
---|
26 | /**
|
---|
27 | * Unsign and decode the given `val` with `secret`,
|
---|
28 | * returning `false` if the signature is invalid.
|
---|
29 | *
|
---|
30 | * @param {String} val
|
---|
31 | * @param {String} secret
|
---|
32 | * @return {String|Boolean}
|
---|
33 | * @api private
|
---|
34 | */
|
---|
35 |
|
---|
36 | exports.unsign = function(val, secret){
|
---|
37 | if ('string' != typeof val) throw new TypeError("Signed cookie string must be provided.");
|
---|
38 | if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
|
---|
39 | var str = val.slice(0, val.lastIndexOf('.'))
|
---|
40 | , mac = exports.sign(str, secret);
|
---|
41 |
|
---|
42 | return sha1(mac) == sha1(val) ? str : false;
|
---|
43 | };
|
---|
44 |
|
---|
45 | /**
|
---|
46 | * Private
|
---|
47 | */
|
---|
48 |
|
---|
49 | function sha1(str){
|
---|
50 | return crypto.createHash('sha1').update(str).digest('hex');
|
---|
51 | }
|
---|
Note:
See
TracBrowser
for help on using the repository browser.