wai-secure-cookies: WAI middleware to automatically encrypt and sign cookies

This is a package candidate release! Here you can preview how this package release will appear once published to the main package index (which can be accomplished via the 'maintain' link below). Please note that once a package has been published to the main package index it cannot be undone! Please consult the package uploading documentation for more information.

[maintain] [Publish]

wai-secure-cookies is a WAI middleware to automatically encrypt and sign cookies w/ specified keys, and a command line tool to generate those keys


[Skip to Readme]

Properties

Versions 0.1.0.0, 0.1.0.1, 0.1.0.2, 0.1.0.3, 0.1.0.4, 0.1.0.5, 0.1.0.6, 0.1.0.7, 0.1.0.8, 0.1.0.8
Change log None available
Dependencies base (>=4.7 && <5), bytestring (>=0.10 && <0.12), crypton, cryptonite, http-types (>=0.12.1 && <0.13), memory (>=0.14 && <0.19), random (>=1.1 && <1.3), split (>=0.2 && <0.3), wai (>=3.2 && <4) [details]
License MIT
Copyright © حبيب الأمين ‪2023
Author Habib Alamin
Maintainer ha.alamin@gmail.com
Category Web
Home page https://github.com/habibalamin/wai-secure-cookies
Source repo head: git clone https://github.com/habibalamin/wai-secure-cookies
Uploaded by alaminium at 2023-09-07T01:34:01Z

Modules

[Index] [Quick Jump]

Flags

Automatic Flags
NameDescriptionDefault
cryptonite

Enable use of cryptonite, instead of crypton fork

Disabled

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees


Readme for wai-secure-cookies-0.1.0.8

[back to package description]

wai-secure-cookies

I extracted a WAI middleware to automatically encrypt and sign cookies.


WARNING

I am not a cryptographer, and the crypto libraries in Haskell are not nearly as easy to use as what I'm used to in Ruby, so I wouldn't depend on this for a serious project until it's had some proper eyes on it.


Usage

Populate the following environment variables in your WAI application process:

WAI_COOKIE_VALIDATION_KEY # key to sign cookie names and values
WAI_COOKIE_ENCRYPTION_KEY # key to encrypt cookie names and values

You can generate random keys with waicookie-genkey:

waicookie-genkey <key type> ...
key types: encryption
           validation