From 494b0bb71b77e69c7256e6713d8ae9c8f08b6344 Mon Sep 17 00:00:00 2001
From: Nicolas Beguier <nicolas.beguier@adevinta.com>
Date: Wed, 13 Nov 2019 13:43:13 +0100
Subject: [PATCH] Security example for app.keys

---
 Readme.md  | 4 +++-
 example.js | 3 ++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/Readme.md b/Readme.md
index c327c2e..b566b35 100644
--- a/Readme.md
+++ b/Readme.md
@@ -42,10 +42,12 @@ $ npm install koa-session
 
 ```js
 const session = require('koa-session');
+const Keygrip = require('keygrip');
 const Koa = require('koa');
 const app = new Koa();
 
-app.keys = ['some secret hurr'];
+/** Redefining Keygrip to use sha512 */
+app.keys = new Keygrip(['insert 64 bytes random string', 'insert another 64 bytes random string'], 'sha512');
 
 const CONFIG = {
   key: 'koa:sess', /** (string) cookie key (default is koa:sess) */
diff --git a/example.js b/example.js
index ea47cce..3b9ae3c 100644
--- a/example.js
+++ b/example.js
@@ -1,9 +1,10 @@
 
 var session = require('./');
 var Koa = require('koa');
+var Keygrip = require('keygrip');
 var app = new Koa();
 
-app.keys = ['some secret hurr'];
+app.keys = new Keygrip(['insert 64 bytes random string', 'insert another 64 bytes random string'], 'sha512');
 
 app.use(session(app));