Sign and Encodes/Decodes HTTP requests.

npm install signed-req
4 downloads in the last week
16 downloads in the last month

Sign and encodes or decodes HTTP requests for Node.js

Its a general purpose sign request manager. Encodes and decodes communications using a private key (a secret) between peers.

Instalation npm intall signed-req



Encodes outgoing data with SignedRequest.encodeAndSign():

var SignedRequest = require('signed-req');
var request = require('request');

var dataToSend = {
    user: {
        name: "foo",
        email: ""

var encoded = SignedRequest.encodeAndSign(dataToSend, "mysecret");"", {form: {encodedData: encoded}}, function (err, res) {
    if (err) throw err;

    if (res.body.status) {
        console.log("User has been created :)");
    } else {
        console.error("User has not been created :(");



And in the other side we can decode that incomming data with SignedRequest.decodeAndParse():

var SignedRequest = require('signed-req');'/user', function (req, res) {
    //Assuming encodedData is an existing post param:
    var decoded = SignedRequest.decodeAndParse(req.body.encodedData, "mysecret");

    if (decoded) {
        createUser(,;//for example.
        res.send("I trust in you. I can validate the incoming data and its integrity is assured");
    } else {
        res.send(403, "You have no access. Your request is not valid");


An alternative decoding request can be made through SignedRequest.signedDecodeAndParse() middleware.

var SignedRequest = require('signed-req');'/user', SignedRequest.signedDecodeAndParse("request", "mysecret"), function (req, res) {

    //for example.

Where "request" is the name of param we expect contains signed request.
If middleware cant decode info inside the param, will have no access to'/user')

npm loves you