I created this package as a centralized repo for security functions generally needed for server-side development.
generate2faSecret(issuer: string, name: string) -> { url: string, secret: string }
generate2faQrCode(url: string) -> Promise<string>
verify2faToken(secret: string, token: string) -> boolean
generateCsrfToken() -> string
hash(data: string|Buffer, inputEncoding?: Encoding) -> Buffer
hmac(secret: string|Buffer, data: string|Buffer, inputEncoding?: Encoding) -> Buffer
verifyMessageSignature(
secret: string,
maxAge: number,
signature: string,
components: {
httpMethod: string;
httpPath: string;
apiKey: string;
nonce: string;
timestamp: number;
payload?: string;
}
) -> boolean
hashPassword(password: string) -> Promise<string>
verifyPassword(password: string, hash: string) -> Promise<boolean>
generateSessionId() -> string
generateSessionToken(secret: string, sessionId: string) -> string
getSessionIdFromSessionToken(secret: string, token: string) -> IOptional<string>
generateSymmetricKey() -> string
symmetricEncrypt(key: string, data: string) -> string
symmetricDecrypt(key: string, data: string) -> string