double-submit-cookies v1.0.8

Double Submit Cookies

Double Submit Cookies Authorization for Node.js

Usage

-- Add DSC on app start up just before adding routes.

var dsc = require('double-submit-cookies'),
    app = express();
    
dsc.jwtTokenVerifier(app, {
    jwtSecret: JWT_SECRET, 
    jwtAlgorithm: HASHING_ALGORITHM,
    path: [
        /^\/login/ // We will send a list of a whiteliseted paths (like login).
    ]
});

app.use('/', routes);

-- Add cookies on successful login

var jwtOptions = {
            res: res,
            jwtSecret: JWT_SECRET,
            jwtTokenExpirationInMinutes: 5,
            data: {userName: 'John Lock'}, // Optional object for claims
            header: true, // Optional - user header instead of cookies
            secure: false // Optional parameter for local debugging.
        };
dsc.addDSCookies(jwtOptions);

res.status(200).send(response);

-- Remove cookies on logout

dsc.clearDSCookies({
            res: res
        });
        
res.send();