wai-secure-cookies

[ library, mit, program, web ] [ Propose Tags ]

WAI middleware to automatically encrypt and sign cookies


[Skip to Readme]
Versions 0.1.0.0, 0.1.0.1, 0.1.0.2
Dependencies base (>=4.7 && <5), bytestring (==0.10.*), cryptonite (==0.24.*), http-types (==0.9.*), memory (==0.14.*), protolude (==0.2.*), random (>=1.1 && <2), split (==0.2.*), wai (>=3.2 && <4) [details]
License MIT
Copyright © حبيب الامين‪ 2017
Author Habib Alamin
Maintainer ha.alamin@gmail.com
Category Web
Home page https://github.com/habibalamin/wai-secure-cookies
Uploaded by alaminium at Mon Sep 4 00:18:43 UTC 2017
Distributions NixOS:0.1.0.2
Executables waicookie-genkey
Downloads 530 total (10 in the last 30 days)
Rating (no votes yet) [estimated by rule of succession]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2017-09-04 [all 1 reports]
Hackage Matrix CI

Modules

[Index]

Downloads

Maintainer's Corner

For package maintainers and hackage trustees


Readme for wai-secure-cookies-0.1.0.2

[back to package description]

wai-secure-cookies

I extracted a WAI middleware to automatically encrypt and sign cookies.


WARNING

I am not a cryptographer, and the crypto libraries in Haskell are not nearly as easy to use as what I'm used to in Ruby, so I wouldn't depend on this for a serious project until it's had some proper eyes on it.


Usage

Populate the following environment variables in your WAI application process:

WAI_COOKIE_VALIDATION_KEY # key to sign cookie names and values
WAI_COOKIE_ENCRYPTION_KEY # key to encrypt cookie names and values

You can generate random keys with waicookie-genkey:

waicookie-genkey <key type> ...
key types: encryption
           validation