Cookies
Kikwit supports cookies via the [cookies][cookies-package-url] package which optionally provides cookie signing, to prevent tampering, using the [keygrip][keygrip-package-url] package.
import { controller, get } from 'kikwit';
@controller
export class Products {
@get
index(context) {
context.cookies.set('unsigned', '12345');
context.cookies.set('signed', '67890', { signed: true });
context.redirect('/products/details');
}
@get
details(context) {
var unsigned = context.cookies.get('unsigned');
var signed = context.cookies.get('signed', { signed: true });
context.sendJSON({ unsigned, signed });
}
}
The keys used to sign the cookies can be set in the config file using the cookieParser.keys
entry as follows:
{
...
cookieParser: {
keys: ['~strong-key-01!', '#strong-key-02?']
}
...
}
Cookie parsing can be disabled by setting the cookieParser
to a falsy value.
{
...
cookieParser: null
...
}
Please refer to the [cookies][cookies-package-url] package for more info regarding additional features for cookies.