|
|
/** * Module dependencies. */
var crypto = require('crypto');
/** * Sign the given `val` with `secret`. * * @param {String} val * @param {String} secret * @return {String} * @api private */
exports.sign = function(val, secret){ if ('string' != typeof val) throw new TypeError('cookie required'); if ('string' != typeof secret) throw new TypeError('secret required'); return val + '.' + crypto .createHmac('sha256', secret) .update(val) .digest('base64') .replace(/\=+$/, ''); };
/** * Unsign and decode the given `val` with `secret`, * returning `false` if the signature is invalid. * * @param {String} val * @param {String} secret * @return {String|Boolean} * @api private */
exports.unsign = function(val, secret){ if ('string' != typeof val) throw new TypeError('cookie required'); if ('string' != typeof secret) throw new TypeError('secret required'); var str = val.slice(0, val.lastIndexOf('.')) , mac = exports.sign(str, secret); return sha1(mac) == sha1(val) ? str : false; };
/** * Private */
function sha1(str){ return crypto.createHash('sha1').update(str).digest('hex'); }
|