-
-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
integrate cookie-signature #197
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Have we tried to get the feature added upstream instead of copying their code here?
Is it an issue that it is a breaking change? I could still export Signer also as signerFactory, keeping it backwards compatible... |
Yes, please. Reduce breaking changes when possible. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
I would like any description in the documentation on the proposed features |
* add secure: auto Option * document deviation from cookie serialize * describe better * lowercase Lax
Signed-off-by: Matteo Collina <hello@matteocollina.com>
* make type definitons `"module": "nodenext"` compatible * see microsoft/TypeScript#48845 * fix test * fix default export type * make typing extra safe and small refactoring * restore brackets * add additional properties to named export and fix test suite * remove formatting * revert formatting * reuse type
Signed-off-by: Matteo Collina <hello@matteocollina.com>
Ok so far? |
any docs? |
Well i am actually more interested about the integration with e.g. @fastify/session. Should we e.g. use then the shorthandle on fastify.signCookie and fastify.unsignCookie instead of using sign and unsign. Other than that i think documentation is only needed for the algorithm option. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Explicitly marking it as changes needed: drop the dummy secret.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
I know you maybe dont like to integrate the cookie-signature package, but I think it has some benefits.
Checklist
npm run test
andnpm run benchmark
and the Code of conduct