{"id":17295187,"url":"https://github.com/lorhansohaky/itsdangerous","last_synced_at":"2025-04-14T11:55:48.436Z","repository":{"id":255438371,"uuid":"850798900","full_name":"LorhanSohaky/itsdangerous","owner":"LorhanSohaky","description":"Safely pass trusted data to untrusted environments and back.","archived":false,"fork":false,"pushed_at":"2025-04-07T21:27:42.000Z","size":403,"stargazers_count":3,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-14T11:55:35.427Z","etag":null,"topics":["digest","hmac","itsdangerous","javascript","security","serialization","signing","typescript"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/LorhanSohaky.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-01T20:05:31.000Z","updated_at":"2025-04-07T21:26:43.000Z","dependencies_parsed_at":null,"dependency_job_id":"9410c892-0fd6-435b-bf53-7c14782095c1","html_url":"https://github.com/LorhanSohaky/itsdangerous","commit_stats":null,"previous_names":["lorhansohaky/itsdangerous"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LorhanSohaky%2Fitsdangerous","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LorhanSohaky%2Fitsdangerous/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LorhanSohaky%2Fitsdangerous/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LorhanSohaky%2Fitsdangerous/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/LorhanSohaky","download_url":"https://codeload.github.com/LorhanSohaky/itsdangerous/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248878020,"owners_count":21176242,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["digest","hmac","itsdangerous","javascript","security","serialization","signing","typescript"],"created_at":"2024-10-15T11:09:40.597Z","updated_at":"2025-04-14T11:55:48.360Z","avatar_url":"https://github.com/LorhanSohaky.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n# itsdangerous\n\n**... so better sign this.**\n\n\u003e Note: This is an unofficial JavaScript port of the Python library\n\u003e [itsdangerous](https://github.com/pallets/itsdangerous).\n\n`@lorhansohaky/itsdangerous` provides various helpers for securely serializing data and passing it through untrusted environments. The data is cryptographically signed to ensure that it hasn't been tampered with during transmission or storage.\n\nKey features include customizable serialization, optional compression, timestamp support for expiring signatures, and compatibility with various cryptographic algorithms.\n\n[Features](#features) |\n[Installation](#installation) |\n[Usage](#usage) |\n[License](#license) |\n[Contributing](#contributing)\n\n\u003c/div\u003e\n\n## Status\n\n\u003ca href=\"https://github.com/LorhanSohaky/itsdangerous/blob/master/LICENSE.md\"\u003e\u003cimg alt=\"License\" src=\"https://img.shields.io/github/license/LorhanSohaky/itsdangerous?style=flat-square\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/LorhanSohaky/itsdangerous/issues\"\u003e\u003cimg alt=\"Issues\" src=\"https://img.shields.io/github/issues/LorhanSohaky/itsdangerous?style=flat-square\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/LorhanSohaky/itsdangerous/pulls\"\u003e\u003cimg alt=\"Pull Requests\" src=\"https://img.shields.io/github/issues-pr/LorhanSohaky/itsdangerous?style=flat-square\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/LorhanSohaky/itsdangerous/actions\"\u003e\u003cimg alt=\"Actions\" src=\"https://img.shields.io/github/checks-status/LorhanSohaky/itsdangerous/main?style=flat-square\"\u003e\u003c/a\u003e\n\n## Features\n\n- **Secure Serialization**: Convert JavaScript objects to safe, URL-friendly strings that can be signed to protect against tampering.\n- **Timed Signatures**: Add timestamps to signatures, enabling support for expiring tokens.\n- **Secret Key Rotation**: Manage multiple keys for signing, supporting key rotation for enhanced security.\n- **Flexible Algorithms**: Supports different cryptographic algorithms like HMAC with SHA1, SHA256, SHA512, etc.\n- **Payload Compression**: Automatically compress and decompress payloads to optimize storage and transmission.\n- **URL-Safe Formats**: Encodes data into URL-safe strings, perfect for embedding in URLs or cookies.\n\n## Installation\n\n```sh\nnpm install @lorhansohaky/itsdangerous\n```\n\n## Usage\n\nBelow are some practical use cases and basic examples. For more examples, see the [examples](examples) directory.\n\n### Use Cases\n\n- **Tokenized URLs**: Sign user IDs or other data in URLs (e.g., unsubscribe links) to eliminate the need for storing one-time tokens in the database.\n- **Stateless Sessions**: Store signed objects in cookies or other untrusted sources, removing the need for server-side session storage.\n\n- **Round-Trip Data**: Safely pass server-side state to the client and back, verifying its integrity upon return.\n\n### Basic Serialization and Signing\n\n#### URL-Safe Serialization\n\n```js\nimport {URLSafeSerializer} from '@lorhansohaky/itsdangerous';\n\nconst authSerializer = new URLSafeSerializer({secretKey: 'secret key', salt: 'auth'});\nconst token = await authSerializer.stringify({id: 5, name: 'itsdangerous'});\n\nconsole.log(token); // eyJpZCI6NSwibmFtZSI6Iml0c2Rhbmdlcm91cyJ9.6YP6T0BaO67XP--9UzTrmurXSmg\n\nconst data = await authSerializer.parse(token);\nconsole.log(data.name); // itsdangerous\n```\n\n#### Timed Signatures\n\n```js\nimport {URLSafeTimedSerializer} from '@lorhansohaky/itsdangerous';\n\nconst authSerializer = new URLSafeTimedSerializer({secretKey: 'secret key', salt: 'auth'});\nconst token = await authSerializer.stringify({id: 5, name: 'itsdangerous'});\n\nconst sleep = (ms) =\u003e new Promise((resolve) =\u003e setTimeout(resolve, ms));\ntry {\n  await sleep(6000);\n  // This will throw an error if the token has expired\n  const data = await authSerializer.parse(token, undefined, 5, true);\n} catch (err) {\n  console.log(err.name); // SignatureExpiredError\n  console.log(err.message); // Signature age 6 \u003e 5 seconds\n}\n```\n\n## License\n\nThis project is licensed under the [MIT license](LICENSE).\n\n## Contributing\n\nWe welcome contributions! Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on how to get involved and submit your changes.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Florhansohaky%2Fitsdangerous","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Florhansohaky%2Fitsdangerous","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Florhansohaky%2Fitsdangerous/lists"}