shelf_secure_cookie 1.3.0 shelf_secure_cookie: ^1.3.0 copied to clipboard
Cookie parser middleware for the Shelf ecosystem. Reads cookies in request, sets cookies in response. Supports AES-GCM for encryption if needed.
import 'dart:io';
import 'package:shelf/shelf.dart' as shelf;
import 'package:shelf/shelf_io.dart' as io;
import 'package:shelf_cookie/shelf_secure_cookie.dart';
void main() {
/// Request contains cookie header.
/// e.g. 'cookie': 'ping=foo'
/// use your 32-byte secure key during middleware construction
/// don't save it in your source code btw
/// consider something like this:
/// final secretKey = myConfig.load('config.json').secretKey
/// and add config.json to .gitignore
final secretKey = "12345678901234567890123456789012";
var handler = const shelf.Pipeline()
.addMiddleware(cookieParser(secretKey))
.addHandler((req) async {
CookieParser cookies = req.context['cookies'] as CookieParser;
if (cookies.get('ping') != null) {
//secure: true - means send it via https only
cookies.clear(); //or cookies = CookieParser(); to create a new instance
cookies.setEncrypted('pong', 'bar', secure: true, httpOnly: true);
}
// Response will set cookie header.
// e.g. 'set-cookie': 'pong=someencryptedandsignedvalue; Secure; HttpOnly'
return shelf.Response.ok('check your cookies');
});
io.serve(handler, 'localhost', 8080).then((server) {
print('Serving at http://${server.address.host}:${server.port}');
});
}