@tinyhttp/cookie-signature
Advanced tools
Comparing version 2.0.4 to 2.0.5
@@ -1,17 +0,11 @@ | ||
import { createHmac, timingSafeEqual } from 'crypto'; | ||
/** | ||
* Sign the given `val` with `secret`. | ||
*/ | ||
const sign = (val, secret) => `${val}.${createHmac('sha256', secret).update(val).digest('base64').replace(/=+$/, '')}`; | ||
/** | ||
* Unsign and decode the given `val` with `secret`, | ||
* returning `false` if the signature is invalid. | ||
*/ | ||
import { createHmac, timingSafeEqual } from "crypto"; | ||
const sign = (val, secret) => `${val}.${createHmac("sha256", secret).update(val).digest("base64").replace(/=+$/, "")}`; | ||
const unsign = (val, secret) => { | ||
const str = val.slice(0, val.lastIndexOf('.')), mac = sign(str, secret), macBuffer = Buffer.from(mac), valBuffer = Buffer.alloc(macBuffer.length); | ||
valBuffer.write(val); | ||
return timingSafeEqual(macBuffer, valBuffer) ? str : false; | ||
const str = val.slice(0, val.lastIndexOf(".")), mac = sign(str, secret), macBuffer = Buffer.from(mac), valBuffer = Buffer.alloc(macBuffer.length); | ||
valBuffer.write(val); | ||
return timingSafeEqual(macBuffer, valBuffer) ? str : false; | ||
}; | ||
export { sign, unsign }; | ||
export { | ||
sign, | ||
unsign | ||
}; |
{ | ||
"name": "@tinyhttp/cookie-signature", | ||
"version": "2.0.4", | ||
"version": "2.0.5", | ||
"description": "HTTP cookie signing and unsigning", | ||
@@ -31,5 +31,8 @@ "homepage": "https://tinyhttp.v1rtl.site", | ||
"license": "MIT", | ||
"dependencies": {}, | ||
"scripts": { | ||
"build": "rollup -c ../../build/defaultConfig.js" | ||
"dev": "vite", | ||
"build": "vite build", | ||
"postbuild": "tsc --emitDeclarationOnly" | ||
} | ||
} |
3363
20