NodeJs从cookie解密laravel5.6会话ID

时间:2018-10-15 17:24:07

标签: node.js laravel-5 session-cookies

因此,正如标题所示,我正在尝试解密laravel应用程序使用的nodeJs的会话ID。但是当我尝试反序列化数据时,我一直收到此错误:

  

SyntaxError:未知/未处理的数据类型:错误(C:\ V12Projects \ craiglist \ node_modules \ php-unserialize \ php-unserialize.js:54:13)

我的主要代码如下:

let session = cookie.parse(req.headers.cookie).laravel_session;
let sessionKey = getSessionKey(session, process.env.APP_KEY);

我的助手函数“ getSessionKey”如下:

getSessionKey = function(laravelSession, laravelKey, keyLength) {
       keyLength = keyLength || 32;
       let cypher = 'aes-' + keyLength * 8 + '-cbc'; // + '-cbc'

       //Get session object
       laravelSession = new Buffer(laravelSession, 'base64');
       laravelSession = laravelSession.toString();
       laravelSession = JSON.parse(laravelSession);

       //Create key buffer
       laravelKey = new Buffer(laravelKey, 'base64');

       //crypto required iv in binary or buffer
       laravelSession.iv = new Buffer(laravelSession.iv, 'base64');
       laravelSession.value = new Buffer(laravelSession.value, 'base64')

       //create decoder
       let decipher = crypto.createDecipheriv(cypher, laravelKey, laravelSession.iv);

       decipher.setAutoPadding(false);
       //let decoded = decoder.update(laravelSession.value, 'base64');
       let decoded = Buffer.concat([decipher.update(laravelSession.value), decipher.final()], 'base64');

       //the error happens in the line below
       let sessionId = PHPUnserialize.unserialize(decoded.toString('ascii'));

       return sessionId;
}

0 个答案:

没有答案