You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51 lines
1.2 KiB
51 lines
1.2 KiB
/** |
|
* Module dependencies. |
|
*/ |
|
|
|
var crypto = require('crypto'); |
|
|
|
/** |
|
* Sign the given `val` with `secret`. |
|
* |
|
* @param {String} val |
|
* @param {String} secret |
|
* @return {String} |
|
* @api private |
|
*/ |
|
|
|
exports.sign = function(val, secret){ |
|
if ('string' != typeof val) throw new TypeError("Cookie value must be provided as a string."); |
|
if ('string' != typeof secret) throw new TypeError("Secret string must be provided."); |
|
return val + '.' + crypto |
|
.createHmac('sha256', secret) |
|
.update(val) |
|
.digest('base64') |
|
.replace(/\=+$/, ''); |
|
}; |
|
|
|
/** |
|
* Unsign and decode the given `val` with `secret`, |
|
* returning `false` if the signature is invalid. |
|
* |
|
* @param {String} val |
|
* @param {String} secret |
|
* @return {String|Boolean} |
|
* @api private |
|
*/ |
|
|
|
exports.unsign = function(val, secret){ |
|
if ('string' != typeof val) throw new TypeError("Signed cookie string must be provided."); |
|
if ('string' != typeof secret) throw new TypeError("Secret string must be provided."); |
|
var str = val.slice(0, val.lastIndexOf('.')) |
|
, mac = exports.sign(str, secret); |
|
|
|
return sha1(mac) == sha1(val) ? str : false; |
|
}; |
|
|
|
/** |
|
* Private |
|
*/ |
|
|
|
function sha1(str){ |
|
return crypto.createHash('sha1').update(str).digest('hex'); |
|
}
|
|
|