Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HMAC based token pattern #156

Open
gdelpu opened this issue May 21, 2021 · 0 comments
Open

HMAC based token pattern #156

gdelpu opened this issue May 21, 2021 · 0 comments
Labels
feature New functionality or improvement

Comments

@gdelpu
Copy link

gdelpu commented May 21, 2021

Support plan

  • is this issue currently blocking your project? (yes/no):no
  • is this issue affecting a production system? (yes/no):yes

Context

  • node version: 12+
  • module version: 8.0.1
  • environment (e.g. node, browser, native):
  • used with (e.g. hapi application, another framework, standalone, ...): Hapi application
  • any other relevant information:

What problem are you trying to solve?

One of my project needed a stateless way to handle CSRF token, the customer's security team wanted us to implement the HMAC based token pattern as describe in the OWASP cheatsheet.

Do you have a new or modified API suggestion to solve the problem?

I did an implementation of the pattern and though it could be a great addition for the community, therefore I propose the pull request #155 to add this feature to CRUMB.
@gdelpu gdelpu added the feature New functionality or improvement label May 21, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature New functionality or improvement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gdelpu