@fastify/secure-session
Version:
Create a secure stateless cookie session for Fastify
55 lines (44 loc) • 1.17 kB
JavaScript
const { test } = require('node:test')
const Fastify = require('fastify')
const sodium = require('sodium-native')
const key = Buffer.alloc(sodium.crypto_secretbox_KEYBYTES)
sodium.randombytes_buf(key)
test('handles a malformed cookie', async (t) => {
const fastify = Fastify({ logger: false })
fastify.register(require('../'), {
key
})
fastify.post('/', (request, reply) => {
request.session.set('data', request.body)
reply.send('hello world')
})
t.after(() => fastify.close())
fastify.get('/', (request, reply) => {
const data = request.session.get('data')
if (!data) {
reply.code(404).send()
return
}
reply.send(data)
})
const postResponse = await fastify.inject({
method: 'POST',
url: '/',
payload: {
some: 'data'
}
})
t.assert.ok(postResponse)
t.assert.strictEqual(postResponse.statusCode, 200)
t.assert.ok(postResponse.headers['set-cookie'])
const getResponse = await fastify.inject({
method: 'GET',
url: '/',
headers: {
cookie: 'session='
}
})
t.assert.ok(getResponse)
t.assert.strictEqual(getResponse.statusCode, 404)
})