Skip to content

Commit eb51cf5

Browse files
dead-horsedead-horse
authored
doc: app.keys needs to be long enought and random (#1520)
1 parent 5c32cbf commit eb51cf5

File tree

1 file changed

+8
-6
lines changed

1 file changed

+8
-6
lines changed

docs/api/index.md

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -171,17 +171,19 @@ app.use(someMiddleware)
171171

172172
## app.keys=
173173

174-
Set signed cookie keys.
174+
Set signed cookie keys.
175175

176-
These are passed to [KeyGrip](https://github.com/crypto-utils/keygrip),
177-
however you may also pass your own `KeyGrip` instance. For
178-
example the following are acceptable:
176+
These are passed to [KeyGrip](https://github.com/crypto-utils/keygrip),
177+
however you may also pass your own `KeyGrip` instance. For
178+
example the following are acceptable:
179179

180180
```js
181-
app.keys = ['im a newer secret', 'i like turtle'];
182-
app.keys = new KeyGrip(['im a newer secret', 'i like turtle'], 'sha256');
181+
app.keys = ['OEK5zjaAMPc3L6iK7PyUjCOziUH3rsrMKB9u8H07La1SkfwtuBoDnHaaPCkG5Brg', 'MNKeIebviQnCPo38ufHcSfw3FFv8EtnAe1xE02xkN1wkCV1B2z126U44yk2BQVK7'];
182+
app.keys = new KeyGrip(['OEK5zjaAMPc3L6iK7PyUjCOziUH3rsrMKB9u8H07La1SkfwtuBoDnHaaPCkG5Brg', 'MNKeIebviQnCPo38ufHcSfw3FFv8EtnAe1xE02xkN1wkCV1B2z126U44yk2BQVK7'], 'sha256');
183183
```
184184

185+
For security reasons, please ensure that the key is long enough and random.
186+
185187
These keys may be rotated and are used when signing cookies
186188
with the `{ signed: true }` option:
187189

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy