DCTokens are the discord like tokens that can be used for authentiction in your website, api, or anything you want (you can even trick people to think its an actual discord token ๐).
It Uses HMAC with SHA-256 to sign the tokens.
- Sign Custom Tokens (with your own private key) ๐
- Verify Tokens โ
- Zero-Depencency ๐ช
Via NPM:
npm install dc-tokens
Via Yarn:
yarn add dc-tokens
Via PNPM
pnpm install dc-tokens
NOTE: For Node.js only (not supported in browsers)
If a callback is supplied, the callback is called with the err
and the Token
.
Else returns the DCToken
as string
payload
should be string.
privateKey
is a string or buffer.
options
is an object with the following properties:
timestamp
(in milliseconds) - defaults toDate.now()
epoch
(in milliseconds) - defaults to Milliseconds since Discord Epoch:1420070400000
callback
is a function that is called with the err
and the Token
as string respectively.
Synchronous Sign:
const DCT = require('dc-tokens');
let token = DCT.sign("Cute little cats", "secret");
Sign asynchronously
const DCT = require('dc-tokens');
DCT.sign("Cute little cats", "secret", { }, (err, token) => {
if (err) {
console.error(err);
} else {
console.log(token);
}
});
If a callback is supplied, the callback is called with the err
and the TokenObject
.
Else returns the TokenObject
as string
The TokenObject
is an object with the following structure
{
payload: string;
timestamp: Date;
signature: string;
}
privateKey
is a string or buffer. it should be the same key that was used to generate the token.
options
is an object with the following properties:
epoch
(in milliseconds) - defaults to Milliseconds since Discord Epoch:1420070400000
callback
is a function that is called with the err
and the TokenObject
respectively.
Verify Asynchronously
const DCT = require('dc-tokens');
DCT.verify(token, privateKey, options, (err, decoded) =>{
console.log(decoded);
});
Verify Synchronously
const DCT = require('dc-tokens');
let decoded = DCT.verify(token, privateKey, options);
Handiling Errors
const DCT = require('dc-tokens');
// Handling Erros - Asynchronously
DCT.verify(token, privateKey, options, (err, decoded) =>{
if (err) {
console.error(err);
} else {
console.log(decoded);
}
});
// Handling Erros - Synchronously
try{
let decoded = DCT.verify(token, privateKey, options);
} catch (err) {
console.error(err);
}
the error that is passed as the first paramater in the callback function in either sign
or verify
has a specific structure when running asynchronously.
{
code: DCTError;
message: string;
stack?: string;
}
DCTError
can have the following values:
INVALID_TOKEN
- token is invalidTOKEN_MALFORMED
- token is malformedSIGNATURE_REQUIRED
- signature is requiredINVALID_SIGNATURE
- invalid signatureUNCAUGHT_ERROR
- uncaught error (any other error)TIMESTAMP_MALFORMED
- malformed timestamp
If used synchronously, the error is thrown.
If you have found a bug or if you have a feature request, please report them at this repository issues section.
The project is licensed under the MIT license.