@anteros/core 0.0.1-alpha.4 → 0.0.1-alpha.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.ts +0 -1
- package/package.json +1 -1
- package/server/hono.ts +16 -10
- package/utils/func.ts +25 -18
- package/lib/buffer-polyfill.ts +0 -57
package/index.ts
CHANGED
package/package.json
CHANGED
package/server/hono.ts
CHANGED
|
@@ -129,16 +129,22 @@ function createApp(): Hono<{ Variables: HonoVariables }> {
|
|
|
129
129
|
})
|
|
130
130
|
const bearer = c.req.header('Authorization')?.replace('Bearer ', '');
|
|
131
131
|
if (bearer) {
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
132
|
+
let tokenData: { value: string | null; decoded: Record<string, unknown> | null; provided: boolean; expired: boolean };
|
|
133
|
+
try {
|
|
134
|
+
const { value, error } = await jwt.verify(bearer);
|
|
135
|
+
const isValid = !error && value != null;
|
|
136
|
+
const isExpired = !!error && error.toLowerCase().includes('exp');
|
|
137
|
+
|
|
138
|
+
tokenData = {
|
|
139
|
+
value: bearer,
|
|
140
|
+
decoded: isValid ? (value as Record<string, unknown>) : null,
|
|
141
|
+
provided: true,
|
|
142
|
+
expired: isExpired || (value != null && typeof (value as any)?.exp === 'number' && (value as any).exp * 1000 < Date.now()),
|
|
143
|
+
};
|
|
144
|
+
} catch {
|
|
145
|
+
// Malformed token — treat as invalid, don't crash
|
|
146
|
+
tokenData = { value: null, decoded: null, provided: true, expired: true };
|
|
147
|
+
}
|
|
142
148
|
|
|
143
149
|
requestCtxStorage.set('token', tokenData);
|
|
144
150
|
c.set('token', tokenData);
|
package/utils/func.ts
CHANGED
|
@@ -19,22 +19,29 @@ const jwt = {
|
|
|
19
19
|
audience?: string | string[];
|
|
20
20
|
subject?: string;
|
|
21
21
|
}) => {
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
22
|
+
try {
|
|
23
|
+
let SECRET_ = cfg.server.jwt?.secret || Bun.env.JWT_SECRET
|
|
24
|
+
if (!SECRET_) throw new Error('JWT_SECRET is not set');
|
|
25
|
+
let EXPIRES_IN = cfg.server.jwt?.expiresIn || '1h'
|
|
26
|
+
|
|
27
|
+
const secret = new TextEncoder().encode(SECRET_);
|
|
28
|
+
const signer = new Jose.SignJWT(payload)
|
|
29
|
+
.setProtectedHeader({ alg: 'HS256' })
|
|
30
|
+
.setIssuedAt()
|
|
31
|
+
.setExpirationTime(EXPIRES_IN || '1h')
|
|
32
|
+
|
|
33
|
+
if (options?.issuer) signer.setIssuer(options.issuer)
|
|
34
|
+
if (options?.audience) signer.setAudience(options.audience)
|
|
35
|
+
if (options?.subject) signer.setSubject(options.subject)
|
|
36
|
+
|
|
37
|
+
const token = await signer.sign(secret);
|
|
38
|
+
return token;
|
|
39
|
+
} catch (err: any) {
|
|
40
|
+
throw new AppError(err?.message || 'Failed to sign token', {
|
|
41
|
+
code: 'JWT_SIGN_ERROR',
|
|
42
|
+
status: 500,
|
|
43
|
+
});
|
|
44
|
+
}
|
|
38
45
|
},
|
|
39
46
|
verify: async (token: string): Promise<{ value: Record<string, unknown> | null, error: string | null }> => {
|
|
40
47
|
try {
|
|
@@ -47,10 +54,10 @@ const jwt = {
|
|
|
47
54
|
value: payload,
|
|
48
55
|
error: null
|
|
49
56
|
}
|
|
50
|
-
} catch (
|
|
57
|
+
} catch (err: any) {
|
|
51
58
|
return {
|
|
52
59
|
value: null,
|
|
53
|
-
error:
|
|
60
|
+
error: err instanceof Error ? err.message : String(err)
|
|
54
61
|
}
|
|
55
62
|
}
|
|
56
63
|
}
|
package/lib/buffer-polyfill.ts
DELETED
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Polyfill for Bun's Buffer to accept numeric encodings.
|
|
3
|
-
*
|
|
4
|
-
* Node.js allows encoding to be passed as a number (e.g. 3 = 'latin1'),
|
|
5
|
-
* but Bun throws "Invalid encoding: 3". This patches Buffer.from,
|
|
6
|
-
* Buffer.alloc, and Buffer.allocUnsafe to convert numeric encodings
|
|
7
|
-
* to their string equivalents before calling the original methods.
|
|
8
|
-
*
|
|
9
|
-
* Required by: mongodb driver (bson), and any library that uses
|
|
10
|
-
* legacy numeric encoding values internally.
|
|
11
|
-
*/
|
|
12
|
-
const ENCODING_MAP: Record<number, string> = {
|
|
13
|
-
0: "utf8",
|
|
14
|
-
1: "utf-8",
|
|
15
|
-
2: "utf16le",
|
|
16
|
-
3: "latin1",
|
|
17
|
-
4: "latin1", // binary alias
|
|
18
|
-
5: "base64",
|
|
19
|
-
6: "base64url",
|
|
20
|
-
7: "hex",
|
|
21
|
-
8: "ascii",
|
|
22
|
-
9: "ucs2",
|
|
23
|
-
10: "ucs-2",
|
|
24
|
-
};
|
|
25
|
-
|
|
26
|
-
function normalizeEncoding(
|
|
27
|
-
encoding: string | number | undefined,
|
|
28
|
-
): BufferEncoding | undefined {
|
|
29
|
-
if (encoding === undefined || typeof encoding === "string") {
|
|
30
|
-
return encoding as BufferEncoding | undefined;
|
|
31
|
-
}
|
|
32
|
-
const mapped = ENCODING_MAP[encoding];
|
|
33
|
-
if (mapped) return mapped as BufferEncoding;
|
|
34
|
-
return undefined;
|
|
35
|
-
}
|
|
36
|
-
|
|
37
|
-
// Patch Buffer.from
|
|
38
|
-
const _Buffer_from = Buffer.from.bind(Buffer) as typeof Buffer.from;
|
|
39
|
-
(Buffer as any).from = function (
|
|
40
|
-
...args: any[]
|
|
41
|
-
): Buffer {
|
|
42
|
-
if (args.length >= 2 && typeof args[1] === "number") {
|
|
43
|
-
args[1] = normalizeEncoding(args[1]);
|
|
44
|
-
}
|
|
45
|
-
return _Buffer_from(...args as [any, any?, any?]);
|
|
46
|
-
};
|
|
47
|
-
|
|
48
|
-
// Patch Buffer.alloc
|
|
49
|
-
const _Buffer_alloc = Buffer.alloc.bind(Buffer);
|
|
50
|
-
(Buffer as any).alloc = function (
|
|
51
|
-
...args: any[]
|
|
52
|
-
): Buffer {
|
|
53
|
-
if (args.length >= 2 && typeof args[1] === "number") {
|
|
54
|
-
args[1] = normalizeEncoding(args[1]);
|
|
55
|
-
}
|
|
56
|
-
return _Buffer_alloc(...args as [any, any?, any?]);
|
|
57
|
-
};
|