How to use the @hapi/iron.seal function in @hapi/iron

To help you get started, we’ve selected a few @hapi/iron examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github hapijs / statehood / lib / index.js View on Github external
internals.encode = function (value, options) {

    // Encodings: 'base64json', 'base64', 'form', 'iron', 'none'

    if (value === undefined ||
        options.encoding === 'none') {

        return value;
    }

    if (options.encoding === 'iron') {
        return Iron.seal(value, options.password, options.iron || Iron.defaults);
    }

    if (options.encoding === 'base64') {
        return Buffer.from(value, 'binary').toString('base64');
    }

    if (options.encoding === 'base64json') {
        const stringified = JSON.stringify(value);
        return Buffer.from(stringified, 'binary').toString('base64');
    }

    // encoding: 'form'

    return Querystring.stringify(value);
};
github hapijs / nes / lib / index.js View on Github external
credentials: request.auth.credentials,
                    artifacts: request.auth.artifacts,
                    strategy: request.auth.strategy
                };

                if (config.type === 'direct') {
                    return credentials;
                }

                const result = { status: 'authenticated' };

                if (config.type === 'cookie') {
                    return h.response(result).state(config.cookie, credentials);
                }

                const sealed = await Iron.seal(credentials, config.password, config.iron || Iron.defaults);
                result.token = sealed;
                return result;
            }
        }
github entropic-dev / entropic / services / web / middleware / session.js View on Github external
const unwrappedId = id
        ? await iron.unseal(id, secret, iron.defaults)
        : null;
      const map = await store.load(context, unwrappedId);

      context.session = map;
      const response = await next(context);

      if (map.dirty) {
        const newId = await store.save(context, unwrappedId, map);
        const header = [
          response.headers['set-cookie'],
          unwrappedId !== newId
            ? `${sessionId}=${encodeURIComponent(
                await iron.seal(newId, secret, iron.defaults)
              )}; SameSite=Lax; HttpOnly; Max-Age=365000`
            : null
        ].filter(Boolean);

        const headers = new Headers(response.headers);
        headers.set('set-cookie', header);

        return new Response(response.body, {
          status: response.status,
          headers
        });
      }

      return response;
    };
  };
github auth0 / nextjs-auth0 / src / session / cookie-store / index.ts View on Github external
const { idToken, accessToken, refreshToken, user, createdAt } = session;
    const persistedSession = new Session(user, createdAt);

    if (this.settings.storeIdToken && idToken) {
      persistedSession.idToken = idToken;
    }

    if (this.settings.storeAccessToken && accessToken) {
      persistedSession.accessToken = accessToken;
    }

    if (this.settings.storeRefreshToken && refreshToken) {
      persistedSession.refreshToken = refreshToken;
    }

    const encryptedSession = await Iron.seal(persistedSession, cookieSecret, Iron.defaults);
    setCookie(req, res, {
      name: cookieName,
      value: encryptedSession,
      path: cookiePath,
      maxAge: cookieLifetime,
      domain: cookieDomain,
      sameSite: cookieSameSite
    });
  }
}
github entropic-dev / entropic / services / storage / models / user.js View on Github external
static async signup(name, email, remoteAuth) {
    const user = await User.objects.create({
      name,
      email
    });

    if (remoteAuth) {
      await Authentication.objects.create({
        user,
        remote_identity: remoteAuth.id,
        provider: remoteAuth.provider,
        access_token_enc: await iron.seal(
          remoteAuth.token,
          process.env.OAUTH_PASSWORD,
          iron.defaults
        ),
        metadata: {}
      });
    }

    const host = await Host.objects.get({ id: 1 });
    const namespace = await Namespace.objects.create({ name, host });
    await NamespaceMember.objects.create({
      accepted: true,
      namespace,
      user
    });

@hapi/iron

Encapsulated tokens (encrypted and mac'ed objects)

BSD-3-Clause
Latest version published 2 years ago

Package Health Score

77 / 100
Full package analysis