* Verifies the HMAC and returns the raw session ID, or null on failure. * Uses constant-time comparison to prevent timing attacks.
(signed: string)
| 131 | * Uses constant-time comparison to prevent timing attacks. |
| 132 | */ |
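unsign(signed: string): string | null {
  // Wire layout is "<id>.<tag>". The id itself may contain ".", so split on
  // the LAST separator. A missing separator is rejected, and so is an empty
  // id (dot === 0): the empty string has a perfectly valid HMAC, and handing
  // "" back as a *verified* session ID is never what a caller wants.
  const dot = signed.lastIndexOf(".");
  if (dot <= 0) return null;
  const id = signed.slice(0, dot);
  const provided = signed.slice(dot + 1);

  // Recompute the tag: HMAC-SHA256 over the id, base64url-encoded. This must
  // match exactly what the signing side (not shown here) emits.
  const expected = createHmac("sha256", this.key).update(id).digest("base64url");

  // The length check may short-circuit: the expected tag length is a fixed,
  // non-secret constant (43 chars for a base64url SHA-256 digest), so an
  // early return here reveals nothing. Past this point every code unit is
  // visited regardless of where the first mismatch is, so response time does
  // not let an attacker refine a forged tag one position at a time.
  // NOTE(review): node:crypto's timingSafeEqual over equal-length Buffers is
  // the preferred primitive; it is not in this file's visible import scope,
  // so the explicit XOR-accumulate loop is retained.
  if (provided.length !== expected.length) return null;
  let mismatch = 0;
  for (let i = 0; i < expected.length; i++) {
    mismatch |= provided.charCodeAt(i) ^ expected.charCodeAt(i);
  }
  return mismatch === 0 ? id : null;
}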
| 150 | |
| 151 | // ── Request / response helpers ──────────────────────────────────────────── |