Key for signing. When None is supplied, application.secret is used. Note that using application.secret is discouraged (because it might cause using one key for multiple purposes) and should be used when required by backward compatibility.
Constant prepended and appended to the data before signing. When using one key for multiple purposes, using a specific pepper reduces some risks arising from this.
Extracts a message that was signed by CookieSigner.sign.
Extracts a message that was signed by CookieSigner.sign.
The signed message to extract.
The verified raw data, or an error if the message isn't valid.
Signs (MAC) the given data using the given secret key.
Signs (MAC) the given data using the given secret key.
The data to sign.
A message authentication code.
Cookie signer implementation based on the Play cryptography functionality.
This cookie signer signs the data with the specified key or with the Play application secret. If the signature verification fails, the signer does not try to decode the cookie data in any way in order to prevent various types of attacks.