cookie签名的原因是防止别人篡改cookie原本的值,如果这个过程中cookie被改变的话,就会在unsign方法返回false
代码:
var cookie = require("cookie-signature") var val = cookie.sign('hello', 'tobiiscool'); console.log(val); var val = cookie.sign('hello', 'tobiiscool'); console.log(cookie.unsign(val, 'tobiiscool'));
参考:https://npm.runkit.com/cookie-signature
实际node例子:
var express = require('express'); var cookieParser = require('cookie-parser');//cookie模块 var cookie = require("cookie-signature");//签名模块 var util = require('util'); var app = express(); app.use(cookieParser());//注入cookie模块 //cookie获取模块 app.get('/getc',function(req,res){ console.log('取得的cookie:'+req.cookies.cookiename); console.log('取得的cookieSercret:'+req.cookies.resc); var val = cookie.sign('hello', 'tobiiscool'); console.log("cookie验证后签名:" + cookie.unsign(val,'tobiiscool')); res.end('cookies get ok'); }); //删除指定cookie模块 app.get('/del_c',function(req,res){ res.clearCookie('cookiename'); res.send('ok'); }); //获取cookie模块 app.get('/',function(req,res){ res.cookie('resc', '设置到cookie里的值', { expires: new Date(Date.now() + 900000), httpOnly: true }); var val = cookie.sign('cookiecontent', 'tobiiscool'); res.cookie('cookiename',val,{expires: new Date(Date.now() + 900000), path:'/',httpOnly: true }); console.log("Cookies: " + util.inspect(req.cookies)); console.log("cookie签名后:"+val); res.send('ok'); }); app.listen(8081);