// Decodes a raw cookie value according to definition.encoding.
// Only the 'iron' branch calls Iron.unseal with a password; the 'base64' and
// 'base64json' branches only decode, so values returned from them are still
// client-controlled and carry no integrity or confidentiality guarantee.
// The listing stops after the 'base64' branch; the handling of the remaining
// encodings named below is not shown here.
internals.decode = async function (value, definition) {
// An empty value with form encoding decodes to an empty object rather than failing.
if (!value &&
definition.encoding === 'form') {
return {};
}
// Every other path needs a string; Hoek.assert throws 'Invalid string' otherwise.
Hoek.assert(typeof value === 'string', 'Invalid string');
// Encodings: 'base64json', 'base64', 'form', 'iron', 'none'
if (definition.encoding === 'iron') {
// Falls back to Iron.defaults when the definition carries no iron options.
// A rejection from Iron.unseal is not caught here and propagates to the caller.
return await Iron.unseal(value, definition.password, definition.iron || Iron.defaults);
}
if (definition.encoding === 'base64json') {
// Buffer.from() with 'base64' does not throw on malformed input, so bad
// encodings surface only as a JSON parse failure below.
const decoded = Buffer.from(value, 'base64').toString('binary');
try {
// Bourne.parse is used in place of JSON.parse; it is meant to guard against
// prototype-poisoning keys in the parsed payload.
return Bourne.parse(decoded);
}
catch (err) {
// The underlying parse error is discarded; the client only sees a generic 400.
throw Boom.badRequest('Invalid JSON payload');
}
}
if (definition.encoding === 'base64') {
// Returned as a 'binary' (latin1) string, exactly as decoded.
return Buffer.from(value, 'base64').toString('binary');
}
request.auth.headers['x-forwarded-for'] = this.info['x-forwarded-for'];
const res = await this.server.inject({ url: route.path, method: 'auth', headers: request.auth.headers, remoteAddress: this.info.remoteAddress, allowInternals: true, validate: false });
if (res.statusCode !== 200) {
throw Boom.unauthorized(res.result.message);
}
if (!res.result.credentials) {
return;
}
this._setCredentials(res.result);
return;
}
try {
const auth = await Iron.unseal(request.auth, config.password, config.iron || Iron.defaults);
this._setCredentials(auth);
}
catch (err) {
throw Boom.unauthorized('Invalid token');
}
}
};
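/**
 * Reads the session cookie from an incoming request and unseals it.
 *
 * @param req - Incoming HTTP request; its cookies are parsed with `parseCookies`.
 * @returns The unsealed session, or `null` when the cookie is missing, empty,
 *   or unseals to a falsy value.
 * @throws Whatever `Iron.unseal` rejects with. The rejection is not caught
 *   here, so callers should treat it as "no valid session" and not let it
 *   surface as an unhandled server error.
 */
async read(req: IncomingMessage): Promise<ISession | null> {
  const { cookieSecret, cookieName } = this.settings;
  const sealed = parseCookies(req)[cookieName];
  if (!sealed || sealed.length === 0) {
    return null;
  }
  // NOTE(review): Iron.defaults carries no seal expiry (ttl 0) in the Iron
  // releases I know of. Confirm for the pinned version, and make sure the
  // session payload has its own expiry if so; otherwise a captured cookie
  // stays valid until cookieSecret is rotated.
  const unsealed = await Iron.unseal(sealed, cookieSecret, Iron.defaults);
  if (!unsealed) {
    return null;
  }
  // The cast is compile-time only: the seal proves the payload came from a
  // holder of cookieSecret, not that it still matches the ISession shape.
  return unsealed as ISession;
}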
return async context => {
const parsed = cookie.parse(context.request.headers.cookie || '');
const id = parsed[sessionId];
const exists = Boolean(id);
const unwrappedId = id
? await iron.unseal(id, secret, iron.defaults)
: null;
const map = await store.load(context, unwrappedId);
context.session = map;
const response = await next(context);
if (map.dirty) {
const newId = await store.save(context, unwrappedId, map);
const header = [
response.headers['set-cookie'],
unwrappedId !== newId
? `${sessionId}=${encodeURIComponent(
await iron.seal(newId, secret, iron.defaults)
)}; SameSite=Lax; HttpOnly; Max-Age=365000`
: null
].filter(Boolean);