Shoulder.dev
Cookie-parser is a middleware for Express.js that is used to parse cookie headers into a JavaScript object. It is published on npm with the latest version being 1.4.6 and was last published 2 years ago. This package has been used in 8556 other projects in the npm registry.
Description
Cookie-parser parses the Cookie header and populates the req.cookies object with an object keyed by the cookie names. Optionally, you can enable signed cookie support by passing a secret string, which assigns req.secret for use by other middleware.
Installation
To start using cookie-parser in your project, run npm i cookie-parser.
API
const cookieParser = require('cookie-parser')
cookieParser(secret, options)
Create a new cookie parser middleware function using the given secret and options.
secret: A string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order.options: An object that is passed tocookie.parseas the second option. See cookie for more information.
Functions
cookieParser.JSONCookie(str)
Parse a cookie value as a JSON cookie. This will return the parsed JSON value if it was a JSON cookie, otherwise, it will return the passed value.
cookieParser.JSONCookies(cookies)
Given an object, this will iterate over the keys and call JSONCookie on each value, replacing the original value with the parsed value. This returns the same object that was passed in.
cookieParser.signedCookie(str, secret)
Parse a cookie value as a signed cookie. This will return the parsed unsigned value if it was a signed cookie and the signature was valid. If the value was not signed, the original value is returned. If the value was signed but the signature could not be validated, false is returned.
The secret argument can be an array or string. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order.
cookieParser.signedCookies(cookies, secret)
Given an object, this will iterate over the keys and check if any value is a signed cookie. If it is a signed cookie and the signature is valid, the key will be deleted from the object and added to the new object that is returned. The secret argument can be an array or string. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order.
Example
const express = require('express')
const cookieParser = require('cookie-parser')
const app = express()
app.use(cookieParser())
app.get('/', function (req, res) {
// Cookies that have not been signed
console.log('Cookies: ', req.cookies)
// Cookies that have been signed
console.log('Signed Cookies: ', req.signedCookies)
})
app.listen(8080)
// curl command that sends an HTTP request with two cookies
// curl http://127.0.0.1:8080 --cookie "Cho=Kim;Greet=Hello"
In this example, we import express and cookie-parser, create an instance of the Express application, and use the cookieParser() middleware. We then define a route that logs the cookies and signed cookies to the console. Finally, we start the server and listen on port 8080.
License
Cookie-parser is released under the MIT License.