node package manager


Sign and encodes or decodes HTTP requests for Node.js

Its a general purpose sign request manager. Encodes and decodes communications using a private key (a secret) between peers.

Instalation npm intall signed-req



Encodes outgoing data with SignedRequest.encodeAndSign():

var SignedRequest = require('signed-req');
var request = require('request');
var dataToSend = {
    user: {
        name: "foo",
        email: ""
var encoded = SignedRequest.encodeAndSign(dataToSend, "mysecret");"", {form: {encodedData: encoded}}, function (err, res) {
    if (err) throw err;
    if (res.body.status) {
        console.log("User has been created :)");
    } else {
        console.error("User has not been created :(");


And in the other side we can decode that incomming data with SignedRequest.decodeAndParse():

var SignedRequest = require('signed-req');'/user', function (req, res) {
    //Assuming encodedData is an existing post param: 
    var decoded = SignedRequest.decodeAndParse(req.body.encodedData, "mysecret");
    if (decoded) {
        createUser(,;//for example. 
        res.send("I trust in you. I can validate the incoming data and its integrity is assured");
    } else {
        res.send(403, "You have no access. Your request is not valid");

An alternative decoding request can be made through SignedRequest.signedDecodeAndParse() middleware.

var SignedRequest = require('signed-req');'/user', SignedRequest.signedDecodeAndParse("request", "mysecret"), function (req, res) {
    //for example. 

Where "request" is the name of param we expect contains signed request.
If middleware cant decode info inside the param, will have no access to'/user')