npm系列:cookie-parser----一个用于解析 HTTP 请求中的 Cookie 的中间件，通常与 Express.js 框架一起使用

最新推荐文章于 2025-03-01 13:44:18 发布

wsad0532

最新推荐文章于 2025-03-01 13:44:18 发布

阅读量660

点赞数 13

分类专栏： npm包学习笔记文章标签： npm http 中间件

本文链接：https://blog.csdn.net/wsad0532/article/details/143195670

版权

npm包学习笔记专栏收录该内容

19 篇文章

订阅专栏

cookie-parser

Parse Cookie header and populate req.cookies with an object keyed by the cookie names. Optionally you may enable signed cookie support by passing a secret string, which assigns req.secret so it may be used by other middleware.

解析Cookie头，并使用以cookie名称作为键的对象填充req.cookies。可选地，您可以通过传递一个密钥字符串来启用签名cookie支持，这将分配req.secret，以便其他中间件可以使用它。

Installation

$ npm install cookie-parser

API

var cookieParser = require('cookie-parser')

cookieParser(secret, options)

Create a new cookie parser middleware function using the given secret and options.

使用给定的密钥和选项创建一个新的cookie解析器中间件函数。

secret a string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order.
密钥用于签名cookies的字符串或数组。这是可选的，如果不指定，则不会解析签名cookies。如果提供了一个字符串，则将其用作密钥。如果提供了一个数组，则会按顺序尝试使用每个密钥来取消签名cookie。
options an object that is passed to cookie.parse as the second option. See cookie for more information.

decode a function to decode the value of the cookie
选项传递给cookie.parse作为第二个选项的对象。有关更多信息，请参阅cookie。

decode 一个用于解码cookie值的函数

The middleware will parse the Cookie header on the request and expose the cookie data as the property req.cookies and, if a secret was provided, as the property req.signedCookies. These properties are name value pairs of the cookie name to cookie value.

中间件将解析请求中的Cookie头，并将cookie数据作为req.cookies属性公开。如果提供了密钥，则还会将其作为req.signedCookies属性公开。这些属性是cookie名称到cookie值的名称值对。

When secret is provided, this module will unsign and validate any signed cookie values and move those name value pairs from req.cookies into req.signedCookies. A signed cookie is a cookie that has a value prefixed with s:. Signed cookies that fail signature validation will have the value false instead of the tampered value.

当提供了密钥时，此模块将取消签名并验证任何签名cookie的值，并将这些名称值对从req.cookies移动到req.signedCookies。签名cookie是值以s:为前缀的cookie。签名验证失败的签名cookie将具有值false，而不是被篡改的值。

In addition, this module supports special “JSON cookies”. These are cookie where the value is prefixed with j:. When these values are encountered, the value will be exposed as the result of JSON.parse. If parsing fails, the original value will remain.

此外，此模块支持特殊的“JSON cookies”。这些是以j:为前缀的值的cookie。当遇到这些值时，该值将作为JSON.parse的结果公开。如果解析失败，则保留原始值。

cookieParser.JSONCookie(str)

Parse a cookie value as a JSON cookie. This will return the parsed JSON value if it was a JSON cookie, otherwise, it will return the passed value.

将cookie值解析为JSON cookie。如果它是JSON cookie，则返回解析后的JSON值，否则返回传递的值。

cookieParser.JSONCookies(cookies)

Given an object, this will iterate over the keys and call JSONCookie on each value, replacing the original value with the parsed value. This returns the same object that was passed in.

cookieParser.JSONCookies(cookies)
给定一个对象，这将遍历键并对每个值调用JSONCookie，用解析后的值替换原始值。这返回传递的相同对象。

cookieParser.signedCookie(str, secret)

Parse a cookie value as a signed cookie. This will return the parsed unsigned value if it was a signed cookie and the signature was valid. If the value was not signed, the original value is returned. If the value was signed but the signature could not be validated, false is returned.

cookieParser.signedCookie(str, secret)
将cookie值解析为签名cookie。如果它是签名cookie且签名有效，则返回解析后的未签名值。如果值未签名，则返回原始值。如果值已签名但签名无法验证，则返回false。

cookieParser.signedCookies(cookies, secret)

Given an object, this will iterate over the keys and check if any value is a signed cookie. If it is a signed cookie and the signature is valid, the key will be deleted from the object and added to the new object that is returned.
The secret argument can be an array or string. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order.

给定一个对象，这将遍历键并检查任何值是否为签名cookie。如果它是签名cookie且签名有效，则将从对象中删除该键并将其添加到返回的新对象中。
密钥参数可以是数组或字符串。如果提供了一个字符串，则将其用作密钥。如果提供了一个数组，则会按顺序尝试使用每个密钥来取消签名cookie。

Example

var express = require('express')
var cookieParser = require('cookie-parser')

var app = express()
app.use(cookieParser())

app.get('/', function (req, res) {
  // Cookies that have not been signed
  console.log('Cookies: ', req.cookies)

  // Cookies that have been signed
  console.log('Signed Cookies: ', req.signedCookies)
})

app.listen(8080)

// curl command that sends an HTTP request with two cookies
// curl http://127.0.0.1:8080 --cookie "Cho=Kim;Greet=Hello"