npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

js-cookie-encrypt

v1.0.3

Published

js-cookie-encrypt is a lightweight JavaScript package designed to securely manage data in browser cookies using advanced encryption techniques. This package ensures that sensitive data stored in cookies is encrypted, providing a higher level of security f

Downloads

210

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

abfahimbabfahimb

Keywords

js-cookie-encryptjs-cookiecookiecookiesbrowsercommonjsclientbrowserifyencryption

Readme

JS-cookie-encrypt (Protected by Secret Key)

JS-cookie-encrypt is a lightweight JavaScript package designed to securely manage data in browser cookies using advanced encryption techniques. This package ensures that sensitive data stored in cookies is encrypted, providing a higher level of security for client-side storage. It allows for flexible and customizable cookie management with support for various cookie attributes such as path, domain, expires, sameSite, and secure.

Your cookie data will be securely stored in an encrypted format, ensuring that sensitive information remains protected and accessible only to you.

Protecting Your Cookie Data

Your Cookie Will be some thing like this only you can read / access it.

UHzDpCrDicOQd1XCssKMw5F0w60OLsK3WDvDqTnDgcOBBQ7Do8Kew4R/w6oGMcKzSznDpjTCjMOCRlzCqMKSwoQ3wr0DM8K0TDvCvXrDiMOMRl/CoMOdwoo5w7oHPMK7TzvCvXrDjcOGQVXCqcKWw4tbw7gHPMK7TzfDpDfDgcKGWg==

Key Features

  • 🔐 Built-in encryption support
  • 📦 Type-safe cookie storage
  • 🛣️ Nested path operations
  • 🔄 Automatic serialization/deserialization
  • 🌐 Cross-browser compatibility
  • 🔧 Configurable options
  • 🚀 SSR-friendly

Table of Contents

Installation

npm install js-cookie-encrypt
# or
yarn add js-cookie-encrypt
# or
pnpm add js-cookie-encrypt

Basic Usage

1. Define Your Data Structure (Creating an Instance)

import JsCookieEncrypt from 'js-cookie-encrypt'

// Configuration for encryption and cookie handling
const config = {
  storageKey: 'myAppData', // Custom key for the cookie storage
  cryptoConfig: {
    privateKey: 'your-private-key', // Your secret encryption key
    encryptByDefault: true // Whether to encrypt data by default
  }
}

// Create a new instance of JsCookieEncrypt
const cookie = new JsCookieEncrypt(config);
// Set data
cookie.set({
  id: '123',
  name: 'John Doe',
  email: '[email protected]',
  preferences: {
    theme: 'light',
    notifications: true
  }
});

// Get all data
const userData = cookie.get();

// Get specific field
const userName = cookie.get('name');

// Update data
cookie.update({
  preferences: {
    theme: 'dark'
  }
});

// Delete fields
cookie.deleteFields(['email']);

// Clear all data
cookie.clear();

Cookie Options

  path: '/',
    expires: 60, (as sec, it will 1 min)
    domain: 'example.com',
    secure: true,
    sameSite: 'Lax',
    httpOnly: true

Advanced Usage

Use Path

// Initialize the cookie manager
const cookie = new JsCookieEncrypt({ storageKey: 'myAppData' });

// Set some initial data
cookie.set({ user: { name: 'John Doe', address: { city: 'Los Angeles' } } });

// Get a nested value by path
const userCity = cookie.getByPath('user.address.city');
console.log(userCity); // 'Los Angeles'

// Set a new value at a nested path
cookie.setByPath('user.address.city', 'San Francisco');

// Update an existing nested value (merge objects)
cookie.updateByPath('user.address', { country: 'USA' });

// Get the updated data
const updatedAddress = cookie.getByPath('user.address');
console.log(updatedAddress); // { city: 'San Francisco', country: 'USA' }

// Delete a nested value
cookie.deleteByPath('user.address.city');

// Verify deletion
const addressAfterDelete = cookie.getByPath('user.address');
console.log(addressAfterDelete); // { country: 'USA' }

Cookie validation

// Example usage of has method

// Check if the cookie contains any data
const hasData = cookie.has();
console.log(hasData); // true if data exists, false if cookie is empty

// Check if a specific field exists within the cookie data
const hasUserField = cookie.has('user');
console.log(hasUserField); // true if 'user' field exists, false otherwise

const hasEmailField = cookie.has('email');
console.log(hasEmailField); // true if 'email' field exists within the stored data, false otherwise

Cookie Expiration

 cookie.extend(3600);

// Extend the expiration with additional options (e.g., secure or specific path)
cookie.extend(3600, { secure: true, path: '/' });

Retrieve All Cookies

The getAllCookies method retrieves all cookies available in the document, optionally filtering by a specified domain. It returns an object with cookie names as keys and their respective values.

If no domain is provided, it will retrieve all cookies. If a domain is specified, it will return only the cookies associated with that domain.

// Retrieve all cookies
const allCookies = JsCookieEncrypt.getAllCookies();
console.log(allCookies); 
// Output: { "cookie1": "value1", "cookie2": "value2", ... }

// Retrieve cookies specific to a domain
const domainCookies = JsCookieEncrypt.getAllCookies('example.com');
console.log(domainCookies); 
// Output: { "cookie1": "value1", "cookie2": "value2", ... } for cookies on example.com

Clear All Cookies (clearAll)

The clearAll method deletes all cookies associated with the current document, optionally within a specific domain and path.

Parameters: domain (optional): The domain where cookies will be cleared. If not specified, it clears cookies for the current document domain. path (default: /): The path for the cookies. The default is /, which clears cookies site-wide.

// Clear all cookies for the current domain
JsCookieEncrypt.clearAll();

// Clear all cookies for a specific domain
JsCookieEncrypt.clearAll('example.com');

// Clear all cookies for a specific domain and path
JsCookieEncrypt.clearAll('example.com', '/specific-path');

API Reference

Constructor Options

interface StorageConfig {
  storageKey: string;
  cryptoConfig: {
    privateKey: string;
    saltLength?: number;
    encryptByDefault?: boolean;
  };
  defaultOptions?: {
    path?: string;
    expires?: number | Date;
    secure?: boolean;
    domain?: string;
    sameSite?: 'strict' | 'lax' | 'none';
    httpOnly?: boolean;
  };
}

Methods

  • set(value, options?, { encrypt?, merge? })
  • get(field?)
  • getByPath(path)
  • setByPath(path, value, options?)
  • updateByPath(path, updates)
  • deleteByPath(path)
  • update(updates, options?)
  • deleteFields(fields)
  • clear(options?)
  • has(field?)
  • extend(duration, options?)

Security Considerations

  1. Private Key Storage

    • Never expose your private key in client-side code
    • Use environment variables
    • Rotate keys periodically

  2. Cookie Options

    • Always use secure: true in production
    • Set appropriate sameSite policy
    • Use httpOnly when possible

  3. Data Sensitivity

    • Don't store sensitive data in cookies
    • Minimize stored data
    • Regularly clear unnecessary data

Best Practices

Do:

  • Use TypeScript interfaces for type safety
  • Implement proper error handling
  • Set appropriate cookie expiration
  • Use batch operations for multiple updates
  • Regularly clear expired cookies
  • Use path-specific operations
  • Implement proper access controls

What Not To Do

Don't:

// DON'T store sensitive information
cookieStore.set({
  creditCard: '1234-5678-9012-3456',
  ssn: '123-45-6789'
});

// DON'T use without encryption
cookieStore.set(data, {}, { encrypt: false });

// DON'T store large amounts of data
cookieStore.set({
  hugeDataObject: /* large object */
});

// DON'T use without proper type definitions
const unsafeStore = new SecureCookieStore<any>({...});

// DON'T expose private keys
const store = new SecureCookieStore({
  cryptoConfig: {
    privateKey: 'hardcoded-key' // WRONG!
  }
});

// DON'T use in security-critical applications
// This library is for general-purpose storage only

License

This project is licensed under the MIT License - see the LICENSE file for details.