© 2020 Caendra Inc. | WAPTXv2
55
Let’s study the source code to get a better feel of the application.
By studying, app.js we notice that the NodeJS app uses cookie-session var session = require('cookie-
session'), which has a dependency to cookies, which has a dependency to keygrip. And keygrip does
the HMAC signature by using the node core crypto package. crypto creates a Buffer from the key.
Remember this last part…
The config.js file contains dummy session_keys. Based on our code analysis above, those keys should
be used to generate the HMAC for the cookies.
Do'stlaringiz bilan baham: