crypto-cookie
Advanced tools
var cryptoCookie = require('crypto-cookie');
// create a cookie object
var cookie = new CryptoCookie(req, res);
// set a session cookie
cookie.set('sessionId', 123);
// get a cookie
cookie.get('sessionId');
// or
cookie.reqCookies.sessionId
// set a cookie with attributes
cookie.set('attrs', 'ok', {
maxAge: 500,
expires: new Date('2015-05-13T07:30:00Z'),
path: '/foo',
domain: 'www.example.com',
secure: true,
httpOnly: true
});
// remove a cookie
cookie.remove('foo');
// remove a cookie with attributes
cookie.remove('foo', {
path: '/foo',
domain: 'www.example.com'
});
// set cookie expires with GMT date string
cookie.set('expiresGMT', 'ok', {
expires: 'Wed, 13 May 2015 07:30:00 GMT'
});
// set cookie expires with ISO date string
cookie.set('expiresISODate', 'ok', {
expires: '2015-05-13T07:30:00Z'
});
// set cookie expires with local date format
cookie.set('expiresLocalDate', 'ok', {
expires: '2015-05-13 07:30:00'
});
// set cookie expires with milliseconds timestamp
cookie.set('expiresTimestamp', 'ok', {
expires: 1431922243259
});
// create cookie object with default options
// the default options will apply to cookie.set()
var cookie = new CryptoCookie(req, res, {
maxAge: 500,
expires: new Date('2015-05-13T07:30:00Z'),
path: '/foo',
domain: 'www.example.com',
secure: true,
httpOnly: true
});
// set a cookie and override some default options
cookie.set('defaults', 'ok', {
maxAge: 1000
});
/*
will equivalent to
cookie.set('defaults', 'ok', {
maxAge: 100,
expires: new Date('2015-05-13T07:30:00Z'),
path: '/foo',
domain: 'www.example.com',
secure: true,
httpOnly: true
});
*/
// create cookie object with keys
var cookie = new CryptoCookie(req, res, {
keys: [crypto.pbkdf2Sync('pASsWoRD', 'SaLt', 4096, 32)]
});
// set an encrypted cookie
// this will use hmac to hash the cookie name, and aes-256-gcm to encrypt the value
cookie.set('encrypted', 'ok', {
encrypted: true
});
// get an encrypted cookie
var value = cookie.get('encrypted', {
encrypted: true
});
// set a signed cookie
cookie.set('signed', 'ok', {
signed: true
});
// get a signed cookie
var value = cookie.get('signed', {
signed: true
});
// rotate keys support
var cookie = new CryptoCookie(req, res, {
keys: [
crypto.pbkdf2Sync('NEWpASsWoRD', 'SaLt', 4096, 32),
crypto.pbkdf2Sync('pASsWoRD', 'SaLt', 4096, 32)
]
});
// when we insert a new password at the beginning of the keys list,
// we still can get the cookie encrypted with old password
var encrypted = cookie.get('encrypted', {
encrypted: true
});
// and signed cookie as well
var signed = cookie.get('signed', {
signed: true
});
MIT
FAQs
Get and set cookies with crypto
The npm package crypto-cookie receives a total of 0 weekly downloads. As such, crypto-cookie popularity was classified as not popular.
We found that crypto-cookie demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."