0.0.1 • Published 2 years ago
@focus21/iron-cookie-session v0.0.1
@focus21/iron-cookie-session
Session middleware with cookie storage and Iron encryption.
Installation
pnpm add --save @focus21/iron-cookie-sessionUsage
import IronCookieSession from "@focus21/iron-cookie-session";
import Iron from "@hapi/iron";
const session = new IronCookieSession({
  // Used to encrypt the session.
  // Required. Must be at least 32 characters.
  sessionSecret: process.env.WEB_APP_SESSION_SECRET,
  // The name of the cookie as stored on the client-side.
  // Optional. Defaults to `"sess"`.
  cookieName: "sess",
  // Options passed to `cookie.serialize`.
  // See also: https://www.npmjs.com/package/cookie
  // Optional. Defaults to `{}`.
  cookieOptions: {
    // If specified, the max age of the cookie will be enforced in middleware.
    // Optional. Defaults to empty.
    maxAge: 60 * 60 * 8,
    // Other recommended options for cookies:
    httpOnly: true,
    path: "/",
    sameSite: "lax",
    secure: process.env.NODE_ENV === "production",
  },
  // Options for `Iron.seal` and `Iron.unseal`.
  // See also: https://www.npmjs.com/package/@hapi/iron
  // Optional. Defaults to `Iron.defaults`.
  ironOptions: Iron.defaults,
  // Where to store metadata inside the session.
  // Optional. Defaults to `"sessionMeta"`.
  metadataKey: "sessionMeta",
  // Where to store the session in request objects in middleware.
  // Optional. Defaults to `"session"`.
  reqKey: "session",
});
// Injects a read-only copy of the session into middleware or other functions.
// The function's first argument must be `ctx` (with `ctx.req` available) or `req`.
export const { withSession } = session;
// The middleware for use with a server.
export default session.middleware;