Permalink
Cannot retrieve contributors at this time
46 lines (40 sloc)
1.22 KB
| /** | |
| * Module dependencies. | |
| */ | |
| var crypto = require('crypto'); | |
| /** | |
| * Sign the given `val` with `secret`. | |
| * | |
| * @param {String} val | |
| * @param {String} secret | |
| * @return {String} | |
| * @api private | |
| */ | |
| exports.sign = function(val, secret){ | |
| if ('string' != typeof val) throw new TypeError("Cookie value must be provided as a string."); | |
| if ('string' != typeof secret) throw new TypeError("Secret string must be provided."); | |
| return val + '.' + crypto | |
| .createHmac('sha256', secret) | |
| .update(val) | |
| .digest('base64') | |
| .replace(/\=+$/, ''); | |
| }; | |
| /** | |
| * Unsign and decode the given `val` with `secret`, | |
| * returning `false` if the signature is invalid. | |
| * | |
| * @param {String} val | |
| * @param {String} secret | |
| * @return {String|Boolean} | |
| * @api private | |
| */ | |
| exports.unsign = function(val, secret){ | |
| if ('string' != typeof val) throw new TypeError("Signed cookie string must be provided."); | |
| if ('string' != typeof secret) throw new TypeError("Secret string must be provided."); | |
| var str = val.slice(0, val.lastIndexOf('.')) | |
| , mac = exports.sign(str, secret) | |
| , macBuffer = Buffer.from(mac) | |
| , valBuffer = Buffer.alloc(macBuffer.length); | |
| valBuffer.write(val); | |
| return crypto.timingSafeEqual(macBuffer, valBuffer) ? str : false; | |
| }; |