double-submit-cookies

Double Submit Cookies Authentication

Usage no npm install needed!

<script type="module">
  import doubleSubmitCookies from 'https://cdn.skypack.dev/double-submit-cookies';
</script>

README

Double Submit Cookies

NPM

Double Submit Cookies Authorization for Node.js

Usage

-- Add DSC on app start up just before adding routes.

var dsc = require('double-submit-cookies'),
    app = express();
    
dsc.jwtTokenVerifier(app, {
    jwtSecret: JWT_SECRET, 
    jwtAlgorithm: HASHING_ALGORITHM,
    path: [
        /^\/login/ // We will send a list of a whiteliseted paths (like login).
    ]
});

app.use('/', routes);

-- Add cookies on successful login

var jwtOptions = {
            res: res,
            jwtSecret: JWT_SECRET,
            jwtTokenExpirationInMinutes: 5,
            data: {userName: 'John Lock'}, // Optional object for claims
            header: true, // Optional - user header instead of cookies
            secure: false // Optional parameter for local debugging.
        };
dsc.addDSCookies(jwtOptions);

res.status(200).send(response);

-- Remove cookies on logout

dsc.clearDSCookies({
            res: res
        });
        
res.send();