fastify · mcollina · Jul 15, 2022 · Jul 11, 2022 · Jul 12, 2022 · Jul 12, 2022
diff --git a/README.md b/README.md
@@ -201,7 +201,7 @@ the provided signer's (or the default signer if no custom implementation is prov
 fastify.register(require('@fastify/cookie'), { secret: 'my-secret' })
 
 fastify.get('/', (req, rep) => {
-  if (fastify.unsign(req.cookie.foo).valid === false) {
+  if (fastify.unsignCookie(req.cookie.foo).valid === false) {
     rep.send('cookie is invalid')
     return
   }
@@ -210,6 +210,29 @@ fastify.get('/', (req, rep) => {
 })
 ```
 
+### Other cases of manual signing
+
+Sometimes the service under test should only accept requests with signed cookies, but it does not generate them itself.
+
+**Example:**
+
+```js
+
+test('Request requires signed cookie', async () => {
+    const response = await app.inject({
+        method: 'GET',
+        url: '/',
+        headers: {
+          cookies : {
+            'sid': app.signCookie(sidValue)
+          }
+        },
+    });
+
+    expect(response.statusCode).toBe(200);
+});
+```
+
 
 ## License
 

diff --git a/plugin.d.ts b/plugin.d.ts
@@ -21,6 +21,12 @@ declare module 'fastify' {
     parseCookie(cookieHeader: string): {
       [key: string]: string;
     };
+    /**
+     * Manual cookie signing method
+     * @docs https://github.com/fastify/fastify-cookie#manual-cookie-parsing
+     * @param value cookie value
+     */
+    signCookie(value: string): string;
   }
 
   interface FastifyRequest {

diff --git a/plugin.js b/plugin.js
@@ -58,6 +58,7 @@ function plugin (fastify, options, next) {
   const signer = typeof secret === 'string' || enableRotation ? signerFactory(secret) : secret
 
   fastify.decorate('parseCookie', parseCookie)
+  fastify.decorate('signCookie', signCookie)
   fastify.decorate('unsignCookie', unsignCookie)
 
   fastify.decorateRequest('cookies', null)
@@ -76,6 +77,10 @@ function plugin (fastify, options, next) {
     return cookie.parse(cookieHeader, options.parseOptions)
   }
 
+  function signCookie (value) {
+    return signer.sign(value)
+  }
+
   function unsignCookie (value) {
     return signer.unsign(value)
   }

diff --git a/test/cookie.test.js b/test/cookie.test.js
@@ -701,3 +701,25 @@ test('cookies set with plugin options parseOptions field', (t) => {
     }
   )
 })
+
+test('create signed cookie manually using signCookie decorator', (t) => {
+  const fastify = Fastify()
+
+  fastify.register(plugin, { secret: 'secret' })
+
+  fastify.get('/test1', (req, reply) => {
+    reply.send({
+      unsigned: req.unsignCookie(req.cookies.foo)
+    })
+  })
+
+  fastify.inject({
+    method: 'GET',
+    url: '/test1',
+    headers: { cookie: `foo=${fastify.signCookie('bar')}` }
+  }, (err, res) => {
+    t.error(err)
+    t.equal(res.statusCode, 200)
+    t.same(JSON.parse(res.body), { unsigned: { value: 'bar', renew: false, valid: false } })
+  })
+})