README
Double Submit Cookies
Double Submit Cookies Authorization for Node.js
Usage
-- Add DSC on app start up just before adding routes.
var dsc = require('double-submit-cookies'),
app = express();
dsc.jwtTokenVerifier(app, {
jwtSecret: JWT_SECRET,
jwtAlgorithm: HASHING_ALGORITHM,
path: [
/^\/login/ // We will send a list of a whiteliseted paths (like login).
]
});
app.use('/', routes);
-- Add cookies on successful login
var jwtOptions = {
res: res,
jwtSecret: JWT_SECRET,
jwtTokenExpirationInMinutes: 5,
data: {userName: 'John Lock'}, // Optional object for claims
header: true, // Optional - user header instead of cookies
secure: false // Optional parameter for local debugging.
};
dsc.addDSCookies(jwtOptions);
res.status(200).send(response);
-- Remove cookies on logout
dsc.clearDSCookies({
res: res
});
res.send();