| 1 |
3a515b92
|
cagy
|
/**
|
| 2 |
|
|
* Module dependencies.
|
| 3 |
|
|
*/
|
| 4 |
|
|
|
| 5 |
|
|
var crypto = require('crypto');
|
| 6 |
|
|
|
| 7 |
|
|
/**
|
| 8 |
|
|
* Sign the given `val` with `secret`.
|
| 9 |
|
|
*
|
| 10 |
|
|
* @param {String} val
|
| 11 |
|
|
* @param {String} secret
|
| 12 |
|
|
* @return {String}
|
| 13 |
|
|
* @api private
|
| 14 |
|
|
*/
|
| 15 |
|
|
|
| 16 |
|
|
exports.sign = function(val, secret){
|
| 17 |
|
|
if ('string' != typeof val) throw new TypeError("Cookie value must be provided as a string.");
|
| 18 |
|
|
if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
|
| 19 |
|
|
return val + '.' + crypto
|
| 20 |
|
|
.createHmac('sha256', secret)
|
| 21 |
|
|
.update(val)
|
| 22 |
|
|
.digest('base64')
|
| 23 |
|
|
.replace(/\=+$/, '');
|
| 24 |
|
|
};
|
| 25 |
|
|
|
| 26 |
|
|
/**
|
| 27 |
|
|
* Unsign and decode the given `val` with `secret`,
|
| 28 |
|
|
* returning `false` if the signature is invalid.
|
| 29 |
|
|
*
|
| 30 |
|
|
* @param {String} val
|
| 31 |
|
|
* @param {String} secret
|
| 32 |
|
|
* @return {String|Boolean}
|
| 33 |
|
|
* @api private
|
| 34 |
|
|
*/
|
| 35 |
|
|
|
| 36 |
|
|
exports.unsign = function(val, secret){
|
| 37 |
|
|
if ('string' != typeof val) throw new TypeError("Signed cookie string must be provided.");
|
| 38 |
|
|
if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
|
| 39 |
|
|
var str = val.slice(0, val.lastIndexOf('.'))
|
| 40 |
|
|
, mac = exports.sign(str, secret);
|
| 41 |
|
|
|
| 42 |
|
|
return sha1(mac) == sha1(val) ? str : false;
|
| 43 |
|
|
};
|
| 44 |
|
|
|
| 45 |
|
|
/**
|
| 46 |
|
|
* Private
|
| 47 |
|
|
*/
|
| 48 |
|
|
|
| 49 |
|
|
function sha1(str){
|
| 50 |
|
|
return crypto.createHash('sha1').update(str).digest('hex');
|
| 51 |
|
|
}
|