const jwt = require('jsonwebtoken')
const { encrypt, decrypt } = require('./utils')
// Lifetime in seconds, shared by the signed token (expiresIn) and its cookie (maxAge): one day (24 hrs).
const EXPIRY = 24 * 60 * 60
/**
 * Sign `payload` into a JWT that expires EXPIRY seconds after it is issued.
 *
 * The payload is wrapped as `{ data: payload }`; verifyToken unwraps the same
 * `data` field. No algorithm is passed to sign(), so jsonwebtoken's default applies.
 *
 * @param {*} payload value to carry inside the token
 * @param {string} secret signing secret
 * @returns {string} the signed token
 */
module.exports.generateToken = (payload, secret) => {
  const claims = { data: payload }
  const signOptions = { expiresIn: EXPIRY }
  return jwt.sign(claims, secret, signOptions)
}
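/**
 * Verify a token and return the value stored in its `data` claim.
 *
 * Never throws: a failed verification (bad signature, expired token, malformed
 * input, unexpected algorithm) is returned as `{ err }`. Callers must check
 * `err` before trusting `payload`.
 *
 * @param {string} token signed JWT, as produced by generateToken
 * @param {string} secret secret the token was signed with
 * @returns {{ payload?: *, err?: Error }} `payload` on success, `err` on failure
 */
module.exports.verifyToken = (token, secret) => {
  try {
    // Pin the accepted algorithm instead of leaving the choice to the library
    // defaults and the token header. generateToken passes no algorithm to
    // jwt.sign(), whose default is HS256, so tokens minted by this module still verify.
    const decoded = jwt.verify(token, secret, { algorithms: ['HS256'] })
    // @ts-ignore
    return { payload: decoded.data }
  } catch (err) {
    return { err }
  }
}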
/**
 * Sign `payload` with generateToken, then pass the signed token through encrypt().
 *
 * @param {*} payload value to carry inside the token
 * @param {string} secret used for both the signature and the encrypt() call
 * @returns {*} whatever encrypt() returns for the signed token
 */
module.exports.generateEncryptedToken = (payload, secret) => {
  const signedToken = module.exports.generateToken(payload, secret)
  // NOTE(review): the same secret is handed to the JWT signer and to encrypt().
  // Whether encrypt() derives a separate key from it is not visible here -- check ./utils.
  return encrypt(signedToken, secret)
}
/**
 * Decrypt `token` and verify the signed token inside it.
 *
 * Never throws: an error raised while decrypting is returned as `{ err }`, the
 * same shape verifyToken uses for a failed verification.
 *
 * @param {string} token encrypted token, as produced by generateEncryptedToken
 * @param {string} secret secret passed to both decrypt() and verifyToken
 * @returns {{ payload?: *, err?: Error }} `payload` on success, `err` on failure
 */
module.exports.verifyEncryptedToken = (token, secret) => {
  try {
    const signedToken = decrypt(token, secret)
    return module.exports.verifyToken(signedToken, secret)
  } catch (err) {
    return { err }
  }
}
// Store `token` on the response as the cookie `${prefix}--${authProvider}`.
// The cookie is always httpOnly and lives for EXPIRY seconds (maxAge is in milliseconds).
const addToCookies = (res, token, companionOptions, authProvider, prefix) => {
  const { server, cookieDomain } = companionOptions
  const cookieOptions = {
    maxAge: EXPIRY * 1000, // would expire after one day (24 hrs)
    httpOnly: true,
  }

  // Fix to show thumbnails on Chrome
  // https://community.transloadit.com/t/dropbox-and-box-thumbnails-returning-401-unauthorized/15781/2
  // SameSite=None is only set together with Secure, and only when serving over https.
  if (server && server.protocol === 'https') {
    Object.assign(cookieOptions, { sameSite: 'none', secure: true })
  }

  if (cookieDomain) {
    cookieOptions.domain = cookieDomain
  }

  // send signed token to client.
  const cookieName = `${prefix}--${authProvider}`
  res.cookie(cookieName, token, cookieOptions)
}
/**
 * Store the auth token for `authProvider` in the `uppyAuthToken--<authProvider>` cookie.
 *
 * @param {object} res response object exposing `cookie()`
 * @param {string} token token to store
 * @param {object} companionOptions read for `server.protocol` and `cookieDomain`
 * @param {string} authProvider provider name used as the cookie-name suffix
 */
module.exports.addToCookies = (res, token, companionOptions, authProvider) => {
  const cookiePrefix = 'uppyAuthToken'
  addToCookies(res, token, companionOptions, authProvider, cookiePrefix)
}
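/**
 * Clear the `uppyAuthToken--<authProvider>` cookie.
 *
 * The attributes sent here mirror the ones the internal addToCookies sets.
 * Express documents that clearCookie options must match those given to
 * res.cookie(), excluding expires and maxAge. Without SameSite=None; Secure on
 * an https deployment, a browser may reject the clearing Set-Cookie on a
 * cross-site response and keep the auth token after logout.
 *
 * @param {object} res response object exposing `clearCookie()`
 * @param {object} companionOptions read for `server.protocol` and `cookieDomain`
 * @param {string} authProvider provider name used as the cookie-name suffix
 */
module.exports.removeFromCookies = (res, companionOptions, authProvider) => {
  // maxAge is deliberately left out: a maxAge passed here can override the past
  // expiry date that clearCookie relies on to delete the cookie.
  const cookieOptions = {
    httpOnly: true,
  }

  // Same condition as when the cookie is set, so both responses carry the same attributes.
  if (companionOptions.server && companionOptions.server.protocol === 'https') {
    cookieOptions.sameSite = 'none'
    cookieOptions.secure = true
  }

  if (companionOptions.cookieDomain) {
    cookieOptions.domain = companionOptions.cookieDomain
  }

  res.clearCookie(`uppyAuthToken--${authProvider}`, cookieOptions)
}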