I extracted a WAI middleware to automatically encrypt and sign cookies.
I am not a cryptographer, and the crypto libraries in Haskell are not nearly as easy to use as what I'm used to in Ruby, so I wouldn't depend on this for a serious project until it's had some proper eyes on it.
Populate the following environment variables in your WAI application process:
WAI_COOKIE_VALIDATION_KEY # key to sign cookie names and values WAI_COOKIE_ENCRYPTION_KEY # key to encrypt cookie names and values
You can generate random keys with
waicookie-genkey <key type> ... key types: encryption validation