Init CookieSigner

example/rate_limit.dart

@@ -12,11 +12,11 @@ main() async {
   var app = Angel(logger: Logger('rate_limit')), http = AngelHttp(app);
 
   // Create a simple in-memory rate limiter that limits users to 5
-  // queries per hour.
+  // queries per 30 seconds.
   //
   // In this case, we rate limit users by IP address.
   var rateLimiter =
-      InMemoryRateLimiter(5, Duration(hours: 1), (req, res) => req.ip);
+      InMemoryRateLimiter(5, Duration(seconds: 30), (req, res) => req.ip);
 
   // `RateLimiter.handleRequest` is a middleware, and can be used anywhere
   // a middleware can be used. In this case, we apply the rate limiter to

lib/angel_security.dart

@@ -1,3 +1,4 @@
+export 'src/cookie_signer.dart';
 export 'src/in_memory_rate_limiter.dart';
 export 'src/rate_limiter.dart';
 export 'src/rate_limiting_window.dart';

lib/src/cookie_signer.dart

@@ -0,0 +1,20 @@
+import 'dart:convert';
+import 'dart:io';
+import 'package:angel_framework/angel_framework.dart';
+import 'package:crypto/crypto.dart';
+
+class CookieSigner {
+  final Hmac hmac;
+
+  CookieSigner(List<int> keyBytes, {Hash hash})
+      : hmac = Hmac(hash ?? sha256, keyBytes);
+
+  factory CookieSigner.fromStringKey(String key, {Hash hash}) {
+    if (key.length != 32) {
+      throw ArgumentError.value(key, 'key', 'must have a length of 32');
+    }
+    return CookieSigner(utf8.encode(key), hash: hash);
+  }
+
+  CookieSigner.fromHmac(this.hmac);
+}

pubspec.yaml

@@ -11,6 +11,7 @@ dev_dependencies:
   angel_auth: ^2.0.0
   angel_test: ^2.0.0
   angel_validate: ^2.0.0
+  crypto: ^2.0.0
   pedantic: ^1.0.0
   pretty_logging: ^1.0.0
   test: ^1.0.0