secure-cookie-faker

command module

v0.3.2 Latest Latest Go to latest Published: Oct 7, 2019 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/EddieIvan01/secure-cookie-faker

Links

Open Source Insights

README ¶

security tool to encode/decode Golang web-frameworks' client-side session cookie which use gorilla/securecookie or gorilla/sessions, such as Gin, Echo or Iris

Stats

top stars Go web-frameworks' using of gorilla/securecookie or gorilla/sessions

(stars count comes from go-web-framework-stars)

web framework	stars	uses gorilla's securecookie or sessions?
gin	28126	✔
beego	20805	✘
iris	15102	✔
echo	14180	✔
kit	13920	✘
revel	11125	✘
martini	10572	✔

and many personal application using them as a basic web application toolkit link

Usage

you can build from source code or download binaries from releases page

Secure Cookie Faker v0.1

Usage: faker [enc/dec] [-n cookie_name] [-k secret_key] [-o object_string / -c cookie_string]

Mode: 
  dec
        decode mode, cookie => object
  enc
        encode mode, object => cookie

Options:
  --help    show help
  -k string
        secret keys, string like "key" or multiple keys like "key1, key2, key3"
  -n string
        the cookie name
  -o string
        object to be encoded, string like "{key1[type]: value1[type], key2[type]: value2[type]}"
        type hint could be `int`, `float`, `bool`, `string`, `byte`
        when type is `string`, it could be omitted. like this {str1: str2}
        if mode is encode, this param is required
  -c string
        cookie to be decoded
        if mode is decode, this param is required
  -way string
        serialize way: gob | json | nop(default "gob")

Example

choosing a mode is required: enc or dec

decode cookie

$ ./faker dec -c "MTU2MTE4NjQzNHxFXy1CQkFFQkEwOWlhZ0hfZ2dBQkVBRVFBQUJUXzRJQUF3WnpkSEpwYm1jTUJnQUVkWE5sY2daemRISnBibWNNQndBRllXUnRhVzRHYzNSeWFXNW5EQVFBQW1sa0EybHVkQVFDQUFBR2MzUnlhVzVuREFjQUJYQnZhVzUwQTJsdWRBUUZBUDBERFQ0PXwKR14WwPjXeUBZlZ0sKcEfRu-n7_va9drjsFaIEVahmA=="

-c: cookie to be decoded

encode object

$ ./faker enc -n "mysession" -k "secret" -o "{user: admin, id: 0[int]}"

-o : object string，its like a K-V map, it should have type hints

-n : cookie name, its required because the HMAC hash's generation relies on it

-k : secret key(s), could be multiple: -k "key1, key2", the first is hash key, and the second is encrypt block key

when element's type is string, the type tag can be omitted

type tag can only be int, uint, float, bool, string, byte

change serializer

$ ./faker enc -n "mysession" -k "secret" -o "some-string" -way json

$ ./faker enc -n "mysession" -k "secret" -o "{id: 0[int]}" -way json

$ ./faker enc -n "mysession" -k "secret" -o "some-string" -way nop

$ ./faker dec -c "MTU2NjkxMjI4NXxleUoxYzJWeUlqb2lZV1J0YVc0aWZRbz18OibftwH33BZStXtep7TbN_mbyk8RftQe9t_wxCJXhHo=" -way json

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

README ¶