signed-req

Sign and Encodes/Decodes HTTP requests.

Sign and encodes or decodes HTTP requests for Node.js

Its a general purpose sign request manager. Encodes and decodes communications using a private key (a secret) between peers.

Instalation npm intall signed-req

##Usage:

####Encoding Encodes outgoing data with SignedRequest.encodeAndSign():

var SignedRequest = require('signed-req');
var request = require('request');
 
var dataToSend = {
    user: {
        name: "foo",
        email: "foo@example.com"
    }
};
 
var encoded = SignedRequest.encodeAndSign(dataToSend, "mysecret");
 
request.post("http://api.example.com/user", {form: {encodedData: encoded}}, function (errres) {
    if (err) throw err;
 
    if (res.body.status) {
        console.log("User has been created :)");
    } else {
        console.error("User has not been created :(");
    }
 
});

####Decoding And in the other side we can decode that incomming data with SignedRequest.decodeAndParse():

var SignedRequest = require('signed-req');
 
app.post('/user', function (reqres) {
    //Assuming encodedData is an existing post param: 
    var decoded = SignedRequest.decodeAndParse(req.body.encodedData, "mysecret");
 
    if (decoded) {
        createUser(decoded.user.name, decoded.user.email);//for example. 
        res.send("I trust in you. I can validate the incoming data and its integrity is assured");
    } else {
        res.send(403, "You have no access. Your request is not valid");
    }
 
});

An alternative decoding request can be made through SignedRequest.signedDecodeAndParse() middleware.

var SignedRequest = require('signed-req');
 
app.post('/user', SignedRequest.signedDecodeAndParse("request", "mysecret"), function (reqres) {
 
    //for example. 
    createUser(
        body.decodedSignedRequest.user.name,
        body.decodedSignedRequest.user.email
    );
});

Where "request" is the name of param we expect contains signed request.
If middleware cant decode info inside the param, will have no access to app.post('/user')