Module

std/http/cookie_map.ts>SecureCookieMap

Deno standard library
denoland/deno_std
Go to Latest
class SecureCookieMap
extends CookieMapBase
import { SecureCookieMap } from "https://dotland.deno.dev/std@0.181.0/http/cookie_map.ts";

Provides an way to manage cookies in a request and response on the server as a single iterable collection, as well as the ability to sign and verify cookies to prevent tampering.

The methods and properties align to {@link Map}, but due to the need to support asynchronous cryptographic keys, all the APIs operate async. When constructing a {@link Request} or {@link Headers} from the request need to be provided, as well as optionally the {@link Response} or Headers for the response can be provided. Alternatively the mergeHeaders function can be used to generate a final set of headers for sending in the response.

On construction, the optional set of keys implementing the KeyRing interface. While it is optional, if you don't plan to use keys, you might want to consider using just the CookieMap.

Constructors

new
SecureCookieMap(request: Headers | Headered, options?: SecureCookieMapOptions)

Properties

readonly
size: Promise<number>

Is set to a promise which resolves with the number of cookies in the {@link Request}.

Methods

clear(options: SecureCookieMapSetDeleteOptions)

Sets all cookies in the {@link Request} to be deleted in the response.

delete(key: string, options?: SecureCookieMapSetDeleteOptions): Promise<boolean>

Set a cookie to be deleted in the response.

This is a convenience function for set(key, null, options?).

entries(): AsyncIterableIterator<[string, string]>

Iterate over the {@link Request} cookies, yielding up a tuple containing the key and value of each cookie.

If a key ring was provided, only properly signed cookie keys and values are returned.

get(key: string, options?: SecureCookieMapGetOptions): Promise<string | undefined>

Get the value of a cookie from the {@link Request}.

If the cookie is signed, and the signature is invalid, undefined will be returned and the cookie will be set to be deleted in the response. If the cookie is using an "old" key from the keyring, the cookie will be re-signed with the current key and be added to the response to be updated.

has(key: string, options?: SecureCookieMapGetOptions): Promise<boolean>

Returns true if the key is in the {@link Request}.

If the cookie is signed, and the signature is invalid, false will be returned and the cookie will be set to be deleted in the response. If the cookie is using an "old" key from the keyring, the cookie will be re-signed with the current key and be added to the response to be updated.

keys(): AsyncIterableIterator<string>

Iterate over the request's cookies, yielding up the key of each cookie.

If a keyring was provided, only properly signed cookie keys are returned.

set(
key: string,
value: string | null,
): Promise<this>

Set a cookie in the response headers.

If there was a keyring set, cookies will be automatically signed, unless overridden by the passed options. Cookies can be deleted by setting the value to null.

values(): AsyncIterableIterator<string>

Iterate over the request's cookies, yielding up the value of each cookie.

If a keyring was provided, only properly signed cookie values are returned.

[Symbol.asyncIterator](): AsyncIterableIterator<[string, string]>

Iterate over the {@link Request} cookies, yielding up a tuple containing the key and value of each cookie.

If a key ring was provided, only properly signed cookie keys and values are returned.