/
auth.ts
67 lines (66 loc) · 2.28 KB
/
auth.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import { IncomingHttpHeaders } from 'http';
import { sign, verify } from 'jsonwebtoken';
import { JWTPayload } from '@/types';
import { AuthenticationTokenPayload, AccessTokenPayload } from '@/types/token';
import { getRegionUid } from '@/services/enable';
const jwtSecret = (process.env.JWT_SECRET as string) || '123456789';
const regionJwtSecret = process.env.JWT_SECRET_REGION || '123456789';
const appJwtSecret = process.env.JWT_SECRET_APP || '123456789';
const verifyToken = async <T extends Object>(header: IncomingHttpHeaders) => {
try {
if (!header?.authorization) {
throw new Error('缺少凭证');
}
const token = decodeURIComponent(header.authorization);
const payload = await verifyJWT<T>(token);
return payload;
} catch (err) {
console.error(err);
return null;
}
};
export const verifyAccessToken = async (header: IncomingHttpHeaders) =>
verifyToken<AccessTokenPayload>(header).then(
(payload) => {
if (payload?.regionUid === getRegionUid()) {
return payload;
} else {
return null;
}
},
(err) => null
);
export const verifyAuthenticationToken = async (header: IncomingHttpHeaders) => {
try {
if (!header?.authorization) {
throw new Error('缺少凭证');
}
const token = decodeURIComponent(header.authorization);
const payload = await verifyJWT<AuthenticationTokenPayload>(token, regionJwtSecret);
return payload;
} catch (err) {
console.error(err);
return null;
}
};
export const verifyJWT = <T extends Object = JWTPayload>(token?: string, secret?: string) =>
new Promise<T | null>((resolve) => {
if (!token) return resolve(null);
verify(token, secret || jwtSecret, (err, payload) => {
if (err) {
console.log(err);
resolve(null);
} else if (!payload) {
console.log('payload is null');
resolve(null);
} else {
resolve(payload as T);
}
});
});
export const generateAccessToken = (props: AccessTokenPayload) =>
sign(props, jwtSecret, { expiresIn: '7d' });
export const generateAppToken = (props: AccessTokenPayload) =>
sign(props, appJwtSecret, { expiresIn: '7d' });
export const generateAuthenticationToken = (props: AuthenticationTokenPayload) =>
sign(props, regionJwtSecret, { expiresIn: '60000' });