encryptcookie

package
v2.41.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 3, 2023 License: MIT Imports: 8 Imported by: 47

README

Encrypt middleware for Fiber which encrypts cookie values. Note: this middleware does not encrypt cookie names.

Table of Contents

Signatures

// Intitializes the middleware
func New(config ...Config) fiber.Handler

// Returns a random 32 character long string
func GenerateKey() string

Examples

Import the middleware package that is part of the Fiber web framework

import (
  "github.com/gofiber/fiber/v2"
  "github.com/gofiber/fiber/v2/middleware/encryptcookie"
)

After you initiate your Fiber app, you can use the following possibilities:

// Default middleware config
app.Use(encryptcookie.New(encryptcookie.Config{
    Key: "secret-thirty-2-character-string",
}))

// Get / reading out the encrypted cookie
app.Get("/", func(c *fiber.Ctx) error {
    return c.SendString("value=" + c.Cookies("test"))
})

// Post / create the encrypted cookie
app.Post("/", func(c *fiber.Ctx) error {
    c.Cookie(&fiber.Cookie{
        Name:  "test",
        Value: "SomeThing",
    })
    return nil
})

Config

type Config struct {
	// Next defines a function to skip this middleware when returned true.
	//
	// Optional. Default: nil
	Next func(c *fiber.Ctx) bool

	// Array of cookie keys that should not be encrypted.
	//
	// Optional. Default: ["csrf_"]
	Except []string

	// Base64 encoded unique key to encode & decode cookies.
	//
	// Required. Key length should be 32 characters.
	// You may use `encryptcookie.GenerateKey()` to generate a new key.
	Key string

	// Custom function to encrypt cookies.
	//
	// Optional. Default: EncryptCookie
	Encryptor func(decryptedString, key string) (string, error)

	// Custom function to decrypt cookies.
	//
	// Optional. Default: DecryptCookie
	Decryptor func(encryptedString, key string) (string, error)
}

Default Config

// `Key` must be a 32 character string. It's used to encrpyt the values, so make sure it is random and keep it secret.
// You can call `encryptcookie.GenerateKey()` to create a random key for you.
// Make sure not to set `Key` to `encryptcookie.GenerateKey()` because that will create a new key every run.
app.Use(encryptcookie.New(encryptcookie.Config{
    Key: "secret-thirty-2-character-string",
}))

Normally, encryptcookie middleware skips csrf_ cookies. However, it won't work when you use custom cookie names for CSRF. You should update Except config to avoid this problem. For example:

app.Use(encryptcookie.New(encryptcookie.Config{
	Key: "secret-thirty-2-character-string",
	Except: []string{"csrf_1"}, // exclude CSRF cookie
}))

app.Use(csrf.New(csrf.Config{
	KeyLookup:      "form:test",
	CookieName:     "csrf_1", 
	CookieHTTPOnly: true,
}))

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ConfigDefault = Config{
	Next:      nil,
	Except:    []string{"csrf_"},
	Key:       "",
	Encryptor: EncryptCookie,
	Decryptor: DecryptCookie,
}

ConfigDefault is the default config

Functions

func DecryptCookie

func DecryptCookie(value, key string) (string, error)

DecryptCookie Decrypts a cookie value with specific encryption key

func EncryptCookie

func EncryptCookie(value, key string) (string, error)

EncryptCookie Encrypts a cookie value with specific encryption key

func GenerateKey

func GenerateKey() string

GenerateKey Generates an encryption key

func New

func New(config ...Config) fiber.Handler

New creates a new middleware handler

Types

type Config

type Config struct {
	// Next defines a function to skip this middleware when returned true.
	//
	// Optional. Default: nil
	Next func(c *fiber.Ctx) bool

	// Array of cookie keys that should not be encrypted.
	//
	// Optional. Default: []
	Except []string

	// Base64 encoded unique key to encode & decode cookies.
	//
	// Required. Key length should be 32 characters.
	// You may use `encryptcookie.GenerateKey()` to generate a new key.
	Key string

	// Custom function to encrypt cookies.
	//
	// Optional. Default: EncryptCookie
	Encryptor func(decryptedString, key string) (string, error)

	// Custom function to decrypt cookies.
	//
	// Optional. Default: DecryptCookie
	Decryptor func(encryptedString, key string) (string, error)
}

Config defines the config for middleware.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL