Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
🚀 DAY 5 OF LAUNCH WEEK:Introducing Webhook Events for Alert Changes.Learn more →
cookie-signature
Advanced tools
cookie-signature
Sign and unsign cookies.
Example
var cookie = require('cookie-signature');
var val = cookie.sign('hello', 'tobiiscool');
val.should.equal('hello.DGDUkGlIkCzPz+C0B064FNgHdEjox7ch8tOBGslZ5QI');
var val = cookie.sign('hello', 'tobiiscool');
cookie.unsign(val, 'tobiiscool').should.equal('hello');
cookie.unsign(val, 'luna').should.be.false;
License
MIT.
See LICENSE file for details.
Other packages similar to cookie-signature
jsonwebtoken
jsonwebtoken (or JWT) is a package that allows you to encode and decode JSON Web Tokens, which are an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This package provides more complex features like token expiration, audience, issuer validation, and more, compared to the simpler cookie-signature package.
secure-cookie
secure-cookie is a package that provides cookie signing and encryption. It offers additional security by encrypting the cookie value, which cookie-signature does not do. secure-cookie is a good choice if you need to protect sensitive information in cookies beyond just preventing tampering.
keygrip
keygrip is a package for signing and verifying data (like cookies) but with support for key rotation. It allows you to use an array of keys for signing and will verify signatures against any of the provided keys. This is useful for applications that need to rotate secrets without invalidating existing signatures, which is not a feature provided by cookie-signature.
FAQs
Package last updated on 29 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025
Product
Introducing Socket Scanning for OpenVSX Extensions
Socket now scans OpenVSX extensions, giving teams early detection of risky behaviors, hidden capabilities, and supply chain threats in developer tools.
By Mix Irving, Ryan Eberhardt -  Nov 20, 2025