/**
 * Encode a cookie value according to `options.encoding`.
 *
 * Supported encodings: 'base64json', 'base64', 'form', 'iron', 'none'.
 * Only the 'iron' branch seals the value with a password. 'base64',
 * 'base64json' and 'form' are plain reversible encodings and 'none' passes the
 * value through, so whoever holds the cookie can read and rewrite a value
 * produced by those branches.
 *
 * @param {*} value - The value to encode; `undefined` is returned unchanged
 *   without consulting `options`.
 * @param {object} options - Reads `encoding`, and for 'iron' also `password`
 *   and the optional `iron` settings.
 * @returns {*} The encoded value. The 'iron' branch returns whatever
 *   `Iron.seal` returns, without awaiting it.
 */
internals.encode = function (value, options) {

    // Nothing to encode; the original short-circuits before touching options.
    if (value === undefined) {
        return value;
    }

    switch (options.encoding) {
        case 'none':
            return value;

        case 'iron':
            // Falls back to Iron.defaults when no per-cookie iron settings are given.
            return Iron.seal(value, options.password, options.iron || Iron.defaults);

        case 'base64':
            return Buffer.from(value, 'binary').toString('base64');

        case 'base64json':
            return Buffer.from(JSON.stringify(value), 'binary').toString('base64');

        default:
            // encoding: 'form'
            return Querystring.stringify(value);
    }
};
credentials: request.auth.credentials,
artifacts: request.auth.artifacts,
strategy: request.auth.strategy
};
// The return shape depends on config.type: 'direct' hands back `credentials`
// unsealed, 'cookie' attaches it as cookie state, and any other type seals it
// with Iron and returns it as a token in the response body.
if (config.type === 'direct') {
return credentials;
}
const result = { status: 'authenticated' };
if (config.type === 'cookie') {
// NOTE(review): how this cookie value is encoded and protected depends on the
// state definition registered for config.cookie, which is not visible here.
return h.response(result).state(config.cookie, credentials);
}
// Seal with config.password, using config.iron when set and Iron.defaults otherwise.
// NOTE(review): Iron.defaults in @hapi/iron has ttl 0, so a token sealed with the
// defaults never expires on its own; confirm config.iron sets a ttl if the token
// is meant to be short-lived.
const sealed = await Iron.seal(credentials, config.password, config.iron || Iron.defaults);
result.token = sealed;
return result;
}
}
// Recover the store id from the sealed cookie value; no id means no session yet.
// NOTE(review): no try/catch is visible around unseal, so a tampered or malformed
// cookie would presumably reject here; confirm the caller handles that.
const unwrappedId = id
? await iron.unseal(id, secret, iron.defaults)
: null;
const map = await store.load(context, unwrappedId);
context.session = map;
const response = await next(context);
// Persist only when the handler changed the session.
if (map.dirty) {
const newId = await store.save(context, unwrappedId, map);
// A new cookie is issued only when the store returned a different id. The sealed
// id is sent with SameSite=Lax and HttpOnly; Max-Age is in seconds, so 365000 is
// about 4.2 days.
// NOTE(review): the cookie string has no Secure attribute, so a browser would also
// send it over plain HTTP; confirm whether that is intended.
// NOTE(review): iron.defaults has ttl 0 in @hapi/iron, so the seal itself never
// expires; Max-Age is enforced only by the client.
const header = [
response.headers['set-cookie'],
unwrappedId !== newId
? `${sessionId}=${encodeURIComponent(
await iron.seal(newId, secret, iron.defaults)
)}; SameSite=Lax; HttpOnly; Max-Age=365000`
: null
].filter(Boolean);
const headers = new Headers(response.headers);
// NOTE(review): `header` is an array. If Headers is the WHATWG class, set() turns
// it into one comma-joined string, which merges an existing Set-Cookie value and
// the new one into a single header; verify with two cookies present.
headers.set('set-cookie', header);
return new Response(response.body, {
status: response.status,
headers
});
}
return response;
};
};
// Build the object that goes into the cookie: user and createdAt always, and each
// token only when the matching store* setting is on and the token is present.
const { idToken, accessToken, refreshToken, user, createdAt } = session;
const persistedSession = new Session(user, createdAt);
if (this.settings.storeIdToken && idToken) {
persistedSession.idToken = idToken;
}
if (this.settings.storeAccessToken && accessToken) {
persistedSession.accessToken = accessToken;
}
if (this.settings.storeRefreshToken && refreshToken) {
persistedSession.refreshToken = refreshToken;
}
// Seal the whole session object with cookieSecret before it leaves the server.
// NOTE(review): Iron.defaults has ttl 0 in @hapi/iron, so the sealed value never
// expires by itself; the session lifetime then rests on the cookie's maxAge, which
// the client enforces. Confirm createdAt is checked when the cookie is read back.
const encryptedSession = await Iron.seal(persistedSession, cookieSecret, Iron.defaults);
// NOTE(review): no httpOnly or secure option is passed in this call; setCookie may
// apply them itself, so verify against its implementation.
setCookie(req, res, {
name: cookieName,
value: encryptedSession,
path: cookiePath,
maxAge: cookieLifetime,
domain: cookieDomain,
sameSite: cookieSameSite
});
}
}
static async signup(name, email, remoteAuth) {
const user = await User.objects.create({
name,
email
});
if (remoteAuth) {
await Authentication.objects.create({
user,
remote_identity: remoteAuth.id,
provider: remoteAuth.provider,
access_token_enc: await iron.seal(
remoteAuth.token,
process.env.OAUTH_PASSWORD,
iron.defaults
),
metadata: {}
});
}
const host = await Host.objects.get({ id: 1 });
const namespace = await Namespace.objects.create({ name, host });
await NamespaceMember.objects.create({
accepted: true,
namespace,
user
});