This lib is curently missing the support of password rotation. Which can be simply archived by allowing the password param to be an object.
https://github.com/hapijs/hapi-auth-cookie/blob/master/lib/index.js#L24
See for reference
https://github.com/hueniverse/iron/blob/fa4f846bb66e6fceb3d50abf81d79950422f9c0d/lib/index.js#L247-L251
This would be the proper validation alternatives to be added:
Joi.object({
id: Joi.alternatives(Joi.number(), Joi.string()).required(),
secret: Joi.string().required()
}),
Joi.object({
id: Joi.alternatives(Joi.number(), Joi.string()).required(),
integrity: Joi.string().required(),
encryption: Joi.string().required()
})
This lib is curently missing the support of password rotation. Which can be simply archived by allowing the password param to be an object.
https://github.com/hapijs/hapi-auth-cookie/blob/master/lib/index.js#L24
See for reference
https://github.com/hueniverse/iron/blob/fa4f846bb66e6fceb3d50abf81d79950422f9c0d/lib/index.js#L247-L251
This would be the proper validation alternatives to be added: