node-cookie
v2.1.2
sign, encrypt and parse http cookies
4.2K/weekUpdated 3 years agoMITUnpacked: 19.2 KB
Published by amanvirk
npm install node-cookieNode Cookie
> Easily parse and write signed & encrypted cookies on Node.js HTTP requests.
[![NPM Version][npm-image]][npm-url]
[![Build Status][travis-image]][travis-url]
[![Appveyor][appveyor-image]][appveyor-url]
[![Coveralls][coveralls-image]][coveralls-url]
node-cookie makes it simpler to create encrypted and signed cookies for HTTP requests.
You can use it with any framework or library of your choice.
See also
Basic Setup
``javascript
const http = require('http')
const nodeCookie = require('node-cookie')
http.createServer(function (req, res) {
// this will update set-cookie header on res object.
nodeCookie.create(res, 'user', 'virk')
}).listen(3000)
`
Signing cookies with a secret
`javascript
const http = require('http')
const nodeCookie = require('node-cookie')
http.createServer(function (req, res) {
nodeCookie.create(res, 'user', 'virk', '16charlongsecret')
}).listen(3000)
`
Signing & encrypting cookies with a secret
`javascript
const http = require('http')
const nodeCookie = require('node-cookie')
http.createServer(function (req, res) {
nodeCookie.create(res, 'user', 'virk', '16charlongsecret', true)
}).listen(3000)
`
API
Cookie
Cookie parser is a simple utility module to read
and write cookies on Node.js HTTP requests.
It supports cookie signing and encryption.
* [parse(req, [secret], [decrypt])](#module_Cookie..parse) ⇒ Object
* [get(req, key, [secret], [decrypt], [cookies])](#module_Cookie..get) ⇒ Mixed
* unPackValue(value, secret, decrypt) ⇒ String
* [packValue(value, [secret], [encrypt])](#module_Cookie..packValue) ⇒ String
* [create(res, key, value, [options], [secret], [encrypt])](#module_Cookie..create) ⇒ void
* [clear(res, key, [options])](#module_Cookie..clear) ⇒ void
$3
Parses cookies from HTTP header Cookie
into
a javascript object. Also it will unsign
and decrypt cookies encrypted and signed
by this library using a secret.Kind: inner method of Cookie
| Param | Type | Default |
| --- | --- | --- |
| req | http.IncomingRequest | |
| [secret] | String |
| [decrypt] | Boolean | false |
Example
`js
nodeCookie.parse(req)// or if cookies were signed when writing
nodeCookie.parse(req, 'SECRET')
// also if cookies were encrypted
nodeCookie.parse(req, 'SECRET', true)
`
$3
Returns value for a single cookie by its key. It is
recommended to make use of this function when you
want to pull a single cookie. Since the
method will eagerly unsign and decrypt all the
cookies.Kind: inner method of Cookie
| Param | Type | Default | Description |
| --- | --- | --- | --- |
| req | http.IncomingRequest | | |
| key | String | | |
| [secret] | String |
| [decrypt] | Boolean | false | |
| [cookies] | Object |
Example
js
nodeCookie.get(req, 'sessionId')// if cookie was signed
nodeCookie.get(req, 'sessionId', 'SECRET')
// if cookie was encrypted
nodeCookie.get(req, 'sessionId', 'SECRET', true)
`
$3
Unpack cookie value by unsigning and decrypting
it. Infact you can unpack any value packed via
the method.Kind: inner method of Cookie
| Param | Type |
| --- | --- |
| value | String |
| secret | String |
| decrypt | Boolean |
$3
Pack the value by properly formatting,
signing and encrypting it.Kind: inner method of Cookie
| Param | Type | Default |
| --- | --- | --- |
| value | String | |
| [secret] | String |
| [encrypt] | Boolean | false |
$3
Write cookie to the HTTP response object. It will append
duplicate cookies to the Set-Cookie header, since
browsers discard the duplicate cookies by themselvesKind: inner method of Cookie
| Param | Type | Default |
| --- | --- | --- |
| res | http.ServerResponse | |
| key | String | |
| value | \* | |
| [options] | Object | {} |
| [secret] | String |
| [encrypt] | Boolean | false |
Example
`js
nodeCookie.create(res, 'sessionId', 1)// sign session id
nodeCookie.create(res, 'sessionId', 1, {}, 'SECRET')
// sign and encrypt session id
nodeCookie.create(res, 'sessionId', 1, {}, 'SECRET', true)
`
$3
Clears the cookie from browser by setting it's expiry
in past. This is required since there is no other
way to instruct the browser to delete a cookie.Also this method will override the
value on
the options object.Kind: inner method of Cookie
| Param | Type | Default |
| --- | --- | --- |
| res | http.ServerResponse | |
| key | String | |
| [options] | Object | {} |
Example
`js
nodeCookie.clear(res, 'sessionId')
``[appveyor-image]: https://img.shields.io/appveyor/ci/thetutlage/node-cookie/master.svg?style=flat-square
[appveyor-url]: https://ci.appveyor.com/project/thetutlage/node-cookie
[npm-image]: https://img.shields.io/npm/v/node-cookie.svg?style=flat-square
[npm-url]: https://npmjs.org/package/node-cookie
[travis-image]: https://img.shields.io/travis/poppinss/node-cookie/master.svg?style=flat-square
[travis-url]: https://travis-ci.org/poppinss/node-cookie
[coveralls-image]: https://img.shields.io/coveralls/poppinss/node-cookie/develop.svg?style=flat-square
[coveralls-url]: https://coveralls.io/github/poppinss/node-cookie