cookie-parser
cookie-parser copied to clipboard
expressjs
Encrypted Cookies
We would like to encrypt cookie contents instead of encode+sign. Would this feature fall within the scope of cookie-parser?
For reference, a similar feature has been requested in cookie-session and cookies: https://github.com/expressjs/cookie-session/issues/9 https://github.com/expressjs/cookies/issues/42
Hi, I write https://github.com/hex7c0/cookie-encryption. maybe for @jonathanong can be useful for his implementation
I was also looking for this option and didn't find anything. I made a super-easy to use express middleware to achieve transparently cookie encryption / decryption: cookie-encrypter.
var app = express();
app.use(cookieParser(secretKey));
app.use(cookieEncrypter(secretKey));
Hope this helps
Hey, I'm going to attempt to add support for cookie encryption. I am also going to modify the README to highlight the difference between signing and encrypting, and to give tips on creating strong keys.
I'm trying to add cookie encryption to the main express repo, but I run into this when I go to create a PR:
I even created and published a whole npm package just to handle encryption, kind of like cookie-signature. The idea is to add the encryption bit to the main express repo and the decryption bit here. The cookie-encryptor library works, but it is essentially hacking around by creating a middleware that overwrites the res.cookie method. I wanted to add "native" support. Please help.