next-session - npm Package Compare versions

Comparing version 0.1.0 to 0.1.1

lib/index.js

@@ -10,6 +10,2 @@ "use strict";
 
-var _lodash = _interopRequireDefault(require("lodash.isequal"));
-
-var _lodash2 = _interopRequireDefault(require("lodash.omit"));
-
 var Promise = _interopRequireWildcard(require("bluebird"));
@@ -33,2 +29,13 @@
 
+var hash = function hash(sess) {
+  var str = JSON.stringify(sess, function (key, val) {
+    if (key === 'cookie') {
+      return undefined;
+    }
+
+    return val;
+  });
+  return _crypto["default"].createHash('sha1').update(str, 'utf8').digest('hex');
+};
+
 var session = function session(handler) {
@@ -72,3 +79,3 @@ var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
       if (!req.sessionId) {
-        return Promise.resolve(JSON.parse(JSON.stringify(req.sessionStore.generate(req))));
+        return Promise.resolve(hash(req.sessionStore.generate(req)));
       }
@@ -78,10 +85,10 @@
         if (sess) {
-          return req.sessionStore.createSession(req, sess);
+          return hash(req.sessionStore.createSession(req, sess));
         }
 
-        return JSON.parse(JSON.stringify(req.sessionStore.generate(req)));
+        return hash(req.sessionStore.generate(req));
       });
     };
 
-    return getSession().then(function (sess) {
+    return getSession().then(function (hashedsess) {
       var oldEnd = res.end;
@@ -98,3 +105,3 @@
           if (req.session) {
-            if (!(0, _lodash["default"])((0, _lodash2["default"])(req.session, ['cookie']), (0, _lodash2["default"])(sess, ['cookie']))) {
+            if (hash(req.session) !== hashedsess) {
               return req.session.save();
@@ -101,0 +108,0 @@ }

package.json

 {
   "name": "next-session",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Simple promise-based session middleware for Next.js API Routes",
@@ -35,6 +35,4 @@ "main": "lib/index.js",
     "cookie": "^0.4.0",
-    "lodash.isequal": "^4.5.0",
-    "lodash.merge": "^4.6.2",
-    "lodash.omit": "^4.5.0"
+    "lodash.merge": "^4.6.2"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Dependency count

3

decreased by-40%

Lines of code

243

increased by2.97%

Worsened metrics

Total package byte prevSize

18251

decreased by-0.31%

Dependency changes

• - Removedlodash.isequal@^4.5.0

• - Removedlodash.omit@^4.5.0

• - Removedlodash.isequal@4.5.0(transitive)

• - Removedlodash.omit@4.5.0(transitive)