@fastify/cookie 7.2.0 → 7.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -6
- package/package.json +2 -2
- package/plugin.d.ts +14 -8
- package/plugin.js +16 -0
- package/test/cookie.test.js +38 -0
- package/test/plugin.test-d.ts +18 -13
package/README.md
CHANGED
|
@@ -99,7 +99,8 @@ with a value of `'foo'` on the cookie path `/`.
|
|
|
99
99
|
+ `name`: a string name for the cookie to be set
|
|
100
100
|
+ `value`: a string value for the cookie
|
|
101
101
|
+ `options`: an options object as described in the [cookie serialize][cs] documentation
|
|
102
|
-
|
|
102
|
+
+ `options.signed`: the cookie should be signed
|
|
103
|
+
+ `options.secure`: if set to `true` it will set the Secure-flag. If it is set to `"auto"` Secure-flag is set when the connection is using tls.
|
|
103
104
|
|
|
104
105
|
#### Securing the cookie
|
|
105
106
|
|
|
@@ -238,9 +239,9 @@ test('Request requires signed cookie', async () => {
|
|
|
238
239
|
with signerFactory
|
|
239
240
|
|
|
240
241
|
```js
|
|
241
|
-
const {
|
|
242
|
+
const { fastifyCookie } = require('@fastify/cookie');
|
|
242
243
|
|
|
243
|
-
const signer = signerFactory('secret');
|
|
244
|
+
const signer = fastifyCookie.signerFactory('secret');
|
|
244
245
|
const signedValue = signer.sign('test');
|
|
245
246
|
const {valid, renew, value } = signer.unsign(signedValue);
|
|
246
247
|
```
|
|
@@ -248,10 +249,10 @@ const {valid, renew, value } = signer.unsign(signedValue);
|
|
|
248
249
|
with sign/unsign utilities
|
|
249
250
|
|
|
250
251
|
```js
|
|
251
|
-
const {
|
|
252
|
+
const { fastifyCookie } = require('@fastify/cookie');
|
|
252
253
|
|
|
253
|
-
const signedValue = sign('test', 'secret');
|
|
254
|
-
const unsignedvalue = unsign(signedValue, 'secret');
|
|
254
|
+
const signedValue = fastifyCookie.sign('test', 'secret');
|
|
255
|
+
const unsignedvalue = fastifyCookie.unsign(signedValue, 'secret');
|
|
255
256
|
```
|
|
256
257
|
|
|
257
258
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@fastify/cookie",
|
|
3
|
-
"version": "7.
|
|
3
|
+
"version": "7.3.0",
|
|
4
4
|
"description": "Plugin for fastify to add support for cookies",
|
|
5
5
|
"main": "plugin.js",
|
|
6
6
|
"types": "plugin.d.ts",
|
|
@@ -52,7 +52,7 @@
|
|
|
52
52
|
"dependencies": {
|
|
53
53
|
"cookie": "^0.5.0",
|
|
54
54
|
"cookie-signature": "^1.1.0",
|
|
55
|
-
"fastify-plugin": "^
|
|
55
|
+
"fastify-plugin": "^4.0.0"
|
|
56
56
|
},
|
|
57
57
|
"tsd": {
|
|
58
58
|
"directory": "test"
|
package/plugin.d.ts
CHANGED
|
@@ -99,11 +99,11 @@ export interface CookieSerializeOptions {
|
|
|
99
99
|
path?: string;
|
|
100
100
|
priority?: 'low' | 'medium' | 'high';
|
|
101
101
|
sameSite?: boolean | 'lax' | 'strict' | 'none';
|
|
102
|
-
secure?: boolean;
|
|
102
|
+
secure?: boolean | 'auto';
|
|
103
103
|
signed?: boolean;
|
|
104
104
|
}
|
|
105
105
|
|
|
106
|
-
interface Signer {
|
|
106
|
+
export interface Signer {
|
|
107
107
|
sign: (input: string) => string;
|
|
108
108
|
unsign: (input: string) => {
|
|
109
109
|
valid: boolean;
|
|
@@ -112,16 +112,22 @@ interface Signer {
|
|
|
112
112
|
};
|
|
113
113
|
}
|
|
114
114
|
|
|
115
|
-
declare const signerFactory: Signer;
|
|
116
|
-
declare const sign: (value: string, secret: string) => string;
|
|
117
|
-
declare const unsign: (input: string, secret: string) => string | false;
|
|
118
|
-
|
|
119
115
|
export interface FastifyCookieOptions {
|
|
120
116
|
secret?: string | string[] | Signer;
|
|
121
117
|
parseOptions?: CookieSerializeOptions;
|
|
122
118
|
}
|
|
123
119
|
|
|
124
|
-
|
|
120
|
+
export type Sign = (value: string, secret: string) => string;
|
|
121
|
+
export type Unsign = (input: string, secret: string) => string | false;
|
|
122
|
+
export type SignerFactory = (secret: string) => Signer;
|
|
123
|
+
|
|
124
|
+
export interface FastifyCookie extends FastifyPluginCallback<NonNullable<FastifyCookieOptions>>{
|
|
125
|
+
signerFactory: SignerFactory;
|
|
126
|
+
sign: Sign;
|
|
127
|
+
unsign: Unsign;
|
|
128
|
+
}
|
|
129
|
+
|
|
130
|
+
declare const fastifyCookie: FastifyCookie;
|
|
125
131
|
|
|
126
132
|
export default fastifyCookie;
|
|
127
|
-
export { fastifyCookie
|
|
133
|
+
export { fastifyCookie };
|
package/plugin.js
CHANGED
|
@@ -16,6 +16,15 @@ function fastifyCookieSetCookie (reply, name, value, options, signer) {
|
|
|
16
16
|
value = signer.sign(value)
|
|
17
17
|
}
|
|
18
18
|
|
|
19
|
+
if (opts.secure === 'auto') {
|
|
20
|
+
if (isConnectionSecure(reply.request)) {
|
|
21
|
+
opts.secure = true
|
|
22
|
+
} else {
|
|
23
|
+
opts.sameSite = 'lax'
|
|
24
|
+
opts.secure = false
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
|
|
19
28
|
const serialized = cookie.serialize(name, value, opts)
|
|
20
29
|
let setCookie = reply.getHeader('Set-Cookie')
|
|
21
30
|
if (!setCookie) {
|
|
@@ -96,6 +105,13 @@ function plugin (fastify, options, next) {
|
|
|
96
105
|
}
|
|
97
106
|
}
|
|
98
107
|
|
|
108
|
+
function isConnectionSecure (request) {
|
|
109
|
+
return (
|
|
110
|
+
request.raw.socket?.encrypted === true ||
|
|
111
|
+
request.headers['x-forwarded-proto'] === 'https'
|
|
112
|
+
)
|
|
113
|
+
}
|
|
114
|
+
|
|
99
115
|
const fastifyCookie = fp(plugin, {
|
|
100
116
|
fastify: '4.x',
|
|
101
117
|
name: '@fastify/cookie'
|
package/test/cookie.test.js
CHANGED
|
@@ -776,3 +776,41 @@ test('create signed cookie manually using signCookie decorator', async (t) => {
|
|
|
776
776
|
t.equal(res.statusCode, 200)
|
|
777
777
|
t.same(JSON.parse(res.body), { unsigned: { value: 'bar', renew: false, valid: true } })
|
|
778
778
|
})
|
|
779
|
+
|
|
780
|
+
test('handle secure:auto of cookieOptions', async (t) => {
|
|
781
|
+
const fastify = Fastify()
|
|
782
|
+
|
|
783
|
+
await fastify.register(plugin)
|
|
784
|
+
|
|
785
|
+
fastify.get('/test1', (req, reply) => {
|
|
786
|
+
reply
|
|
787
|
+
.setCookie('foo', 'foo', { path: '/', secure: 'auto' })
|
|
788
|
+
.send()
|
|
789
|
+
})
|
|
790
|
+
|
|
791
|
+
const res = await fastify.inject({
|
|
792
|
+
method: 'GET',
|
|
793
|
+
url: '/test1',
|
|
794
|
+
headers: { 'x-forwarded-proto': 'https' }
|
|
795
|
+
})
|
|
796
|
+
|
|
797
|
+
const cookies = res.cookies
|
|
798
|
+
t.equal(cookies.length, 1)
|
|
799
|
+
t.equal(cookies[0].name, 'foo')
|
|
800
|
+
t.equal(cookies[0].value, 'foo')
|
|
801
|
+
t.equal(cookies[0].secure, true)
|
|
802
|
+
t.equal(cookies[0].path, '/')
|
|
803
|
+
|
|
804
|
+
const res2 = await fastify.inject({
|
|
805
|
+
method: 'GET',
|
|
806
|
+
url: '/test1'
|
|
807
|
+
})
|
|
808
|
+
|
|
809
|
+
const cookies2 = res2.cookies
|
|
810
|
+
t.equal(cookies2.length, 1)
|
|
811
|
+
t.equal(cookies2[0].name, 'foo')
|
|
812
|
+
t.equal(cookies2[0].value, 'foo')
|
|
813
|
+
t.equal(cookies2[0].sameSite, 'Lax')
|
|
814
|
+
t.same(cookies2[0].secure, null)
|
|
815
|
+
t.equal(cookies2[0].path, '/')
|
|
816
|
+
})
|
package/test/plugin.test-d.ts
CHANGED
|
@@ -1,13 +1,10 @@
|
|
|
1
|
-
import
|
|
2
|
-
import { Server } from 'http';
|
|
1
|
+
import cookie from '../plugin';
|
|
3
2
|
import { expectType } from 'tsd';
|
|
4
3
|
import * as fastifyCookieStar from '..';
|
|
5
|
-
import fastifyCookieDefault, {
|
|
6
|
-
fastifyCookie as fastifyCookieNamed
|
|
7
|
-
} from '..';
|
|
8
|
-
import cookie, { FastifyCookieOptions } from '../plugin';
|
|
9
|
-
|
|
10
4
|
import fastifyCookieCjsImport = require('..');
|
|
5
|
+
import fastifyCookieDefault, { fastifyCookie as fastifyCookieNamed } from '..';
|
|
6
|
+
import fastify, { FastifyInstance, FastifyReply, setCookieWrapper } from 'fastify';
|
|
7
|
+
|
|
11
8
|
const fastifyCookieCjs = require('..');
|
|
12
9
|
|
|
13
10
|
const app: FastifyInstance = fastify();
|
|
@@ -19,16 +16,24 @@ app.register(fastifyCookieCjsImport.fastifyCookie);
|
|
|
19
16
|
app.register(fastifyCookieStar.default);
|
|
20
17
|
app.register(fastifyCookieStar.fastifyCookie);
|
|
21
18
|
|
|
22
|
-
expectType<
|
|
23
|
-
expectType<
|
|
24
|
-
expectType<
|
|
25
|
-
expectType<
|
|
26
|
-
expectType<
|
|
27
|
-
expectType<
|
|
19
|
+
expectType<fastifyCookieStar.FastifyCookie>(fastifyCookieNamed);
|
|
20
|
+
expectType<fastifyCookieStar.FastifyCookie>(fastifyCookieDefault);
|
|
21
|
+
expectType<fastifyCookieStar.FastifyCookie>(fastifyCookieCjsImport.default);
|
|
22
|
+
expectType<fastifyCookieStar.FastifyCookie>(fastifyCookieCjsImport.fastifyCookie);
|
|
23
|
+
expectType<fastifyCookieStar.FastifyCookie>(fastifyCookieStar.default);
|
|
24
|
+
expectType<fastifyCookieStar.FastifyCookie>(
|
|
28
25
|
fastifyCookieStar.fastifyCookie
|
|
29
26
|
);
|
|
30
27
|
expectType<any>(fastifyCookieCjs);
|
|
31
28
|
|
|
29
|
+
expectType<fastifyCookieStar.Sign>(fastifyCookieDefault.sign);
|
|
30
|
+
expectType<fastifyCookieStar.Unsign>(fastifyCookieDefault.unsign);
|
|
31
|
+
expectType<fastifyCookieStar.SignerFactory >(fastifyCookieDefault.signerFactory );
|
|
32
|
+
|
|
33
|
+
expectType<fastifyCookieStar.Sign>(fastifyCookieNamed.sign);
|
|
34
|
+
expectType<fastifyCookieStar.Unsign>(fastifyCookieNamed.unsign);
|
|
35
|
+
expectType<fastifyCookieStar.SignerFactory >(fastifyCookieNamed.signerFactory );
|
|
36
|
+
|
|
32
37
|
const server = fastify();
|
|
33
38
|
|
|
34
39
|
server.register(cookie);
|