Provides methods and middleware to assist in validating and decrypting .NET authorization tickets usually in the .ASPXAUTH cookie.
The module must be initialized with configuration that corresponds to your .NET configuration and the machine key used to generate the auth ticket.
validationMethod (string): (default "sha1")validationKey (string): hex encoded key to use for signature validationdecryptionMethod (string): (default "aes")decryptionIV (string): hex encoded initialization vector (defaults to a vector of zeros)decryptionKey (string): hex encoded key to use for decryptionticketVersion (integer): if specified then will be used to validate the ticket versionvalidateExpiration (bool): (default true) if false then decrypted tickets will be returned even if past their expirationvar aspxauth = require( "aspxauth" )( {
validationMethod: "sha1",
validationKey: process.env.DOTNET_VALIDATION_KEY,
decryptionMethod: "aes",
decryptionIV: process.env.DOTNET_DECRYPTION_IV,
decryptionKey: process.env.DOTNET_DECRYPTION_KEY
} );
var authTicket = aspxauth.decrypt( req.cookies[ ".ASPXAUTH" ] );
FAQs
Verify and decrypt .NET's .ASPXAUTH cookie from node
The npm package aspxauth receives a total of 10 weekly downloads. As such, aspxauth popularity was classified as not popular.
We found that aspxauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.