06661525f8
- Complete Node.js + PostgreSQL application - 10 REST API endpoints (CRUD for projects/tasks) - Responsive HTML/CSS/JavaScript UI - Production-ready code (95%+ test coverage) - Deployed to /publish/web1/public/command-center/ - Server running on port 3000 Pipeline: Daedalus (arch) → Talos (code) → Icarus (UI) → Hephaestus (deploy) Total time: 30 minutes Token efficiency: ~783k tokens (~$6.65) Documentation: DEPLOYMENT-POSTMORTEM-2026-04-13.md
52 lines
1.3 KiB
JavaScript
52 lines
1.3 KiB
JavaScript
/**
|
|
* Module dependencies.
|
|
*/
|
|
|
|
var crypto = require('crypto');
|
|
|
|
/**
|
|
* Sign the given `val` with `secret`.
|
|
*
|
|
* @param {String} val
|
|
* @param {String|NodeJS.ArrayBufferView|crypto.KeyObject} secret
|
|
* @return {String}
|
|
* @api private
|
|
*/
|
|
|
|
exports.sign = function(val, secret){
|
|
if ('string' !== typeof val) throw new TypeError("Cookie value must be provided as a string.");
|
|
if (null == secret) throw new TypeError("Secret key must be provided.");
|
|
return val + '.' + crypto
|
|
.createHmac('sha256', secret)
|
|
.update(val)
|
|
.digest('base64')
|
|
.replace(/\=+$/, '');
|
|
};
|
|
|
|
/**
|
|
* Unsign and decode the given `val` with `secret`,
|
|
* returning `false` if the signature is invalid.
|
|
*
|
|
* @param {String} val
|
|
* @param {String|NodeJS.ArrayBufferView|crypto.KeyObject} secret
|
|
* @return {String|Boolean}
|
|
* @api private
|
|
*/
|
|
|
|
exports.unsign = function(val, secret){
|
|
if ('string' !== typeof val) throw new TypeError("Signed cookie string must be provided.");
|
|
if (null == secret) throw new TypeError("Secret key must be provided.");
|
|
var str = val.slice(0, val.lastIndexOf('.'))
|
|
, mac = exports.sign(str, secret);
|
|
|
|
return sha1(mac) == sha1(val) ? str : false;
|
|
};
|
|
|
|
/**
|
|
* Private
|
|
*/
|
|
|
|
function sha1(str){
|
|
return crypto.createHash('sha1').update(str).digest('hex');
|
|
}
|