|
1
|
/**
|
|
2
|
* Module dependencies.
|
|
3
|
*/
|
|
4
|
|
|
5
|
var crypto = require('crypto');
|
|
6
|
|
|
7
|
/**
|
|
8
|
* Sign the given `val` with `secret`.
|
|
9
|
*
|
|
10
|
* @param {String} val
|
|
11
|
* @param {String} secret
|
|
12
|
* @return {String}
|
|
13
|
* @api private
|
|
14
|
*/
|
|
15
|
|
|
16
|
exports.sign = function(val, secret){
|
|
17
|
if ('string' != typeof val) throw new TypeError("Cookie value must be provided as a string.");
|
|
18
|
if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
|
|
19
|
return val + '.' + crypto
|
|
20
|
.createHmac('sha256', secret)
|
|
21
|
.update(val)
|
|
22
|
.digest('base64')
|
|
23
|
.replace(/\=+$/, '');
|
|
24
|
};
|
|
25
|
|
|
26
|
/**
|
|
27
|
* Unsign and decode the given `val` with `secret`,
|
|
28
|
* returning `false` if the signature is invalid.
|
|
29
|
*
|
|
30
|
* @param {String} val
|
|
31
|
* @param {String} secret
|
|
32
|
* @return {String|Boolean}
|
|
33
|
* @api private
|
|
34
|
*/
|
|
35
|
|
|
36
|
exports.unsign = function(val, secret){
|
|
37
|
if ('string' != typeof val) throw new TypeError("Signed cookie string must be provided.");
|
|
38
|
if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
|
|
39
|
var str = val.slice(0, val.lastIndexOf('.'))
|
|
40
|
, mac = exports.sign(str, secret);
|
|
41
|
|
|
42
|
return sha1(mac) == sha1(val) ? str : false;
|
|
43
|
};
|
|
44
|
|
|
45
|
/**
|
|
46
|
* Private
|
|
47
|
*/
|
|
48
|
|
|
49
|
function sha1(str){
|
|
50
|
return crypto.createHash('sha1').update(str).digest('hex');
|
|
51
|
}
|