cookie-parser
cookie-parser copied to clipboard
Encrypted Cookies
We would like to encrypt cookie contents instead of encode+sign. Would this feature fall within the scope of cookie-parser?
For reference, a similar feature has been requested in cookie-session and cookies: https://github.com/expressjs/cookie-session/issues/9 https://github.com/expressjs/cookies/issues/42
Whenever expressjs/cookies#42 lands
Hi, I write https://github.com/hex7c0/cookie-encryption. maybe for @jonathanong can be useful for his implementation
I was also looking for this option and didn't find anything. I made a super-easy to use express middleware to achieve transparently cookie encryption / decryption: cookie-encrypter.
var app = express();
app.use(cookieParser(secretKey));
app.use(cookieEncrypter(secretKey));
Hope this helps
hi, this is support for laravel encrypted cookie?
Hey, I'm going to attempt to add support for cookie encryption. I am also going to modify the README to highlight the difference between signing and encrypting, and to give tips on creating strong keys.
I'm trying to add cookie encryption to the main express repo, but I run into this when I go to create a PR:
I even created and published a whole npm package just to handle encryption, kind of like cookie-signature
. The idea is to add the encryption bit to the main express repo and the decryption bit here. The cookie-encryptor
library works, but it is essentially hacking around by creating a middleware that overwrites the res.cookie
method. I wanted to add "native" support. Please help.
I am now able to open a PR. Must be a one-time thing.