@dws-std/jwt 1.1.2 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -9
- package/dist/index.js +3 -4
- package/dist/jwt.d.ts +2 -2
- package/package.json +3 -5
package/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# 🔐 DWS JWT
|
|
2
2
|
|
|
3
3
|
Signing and verifying JWTs shouldn't require boilerplate.
|
|
4
|
-
`@dws-std/jwt` wraps [jose](https://github.com/panva/jose) with sane defaults — HS256, standard claims pre-filled
|
|
4
|
+
`@dws-std/jwt` wraps [jose](https://github.com/panva/jose) with sane defaults — HS256, standard claims pre-filled — so you can focus on what matters instead of re-reading the JWT spec.
|
|
5
5
|
|
|
6
6
|
## 📌 Table of Contents
|
|
7
7
|
|
|
@@ -33,14 +33,6 @@ const token = await signJWT(secret, { userId: 42, role: 'admin' });
|
|
|
33
33
|
|
|
34
34
|
// Numeric offset in seconds
|
|
35
35
|
const token = await signJWT(secret, { userId: 42 }, 3600);
|
|
36
|
-
|
|
37
|
-
// Date object
|
|
38
|
-
const token = await signJWT(secret, { userId: 42 }, new Date(Date.now() + 3600_000));
|
|
39
|
-
|
|
40
|
-
// Human-readable — powered by @dws-std/common
|
|
41
|
-
const token = await signJWT(secret, { userId: 42 }, '1 hour');
|
|
42
|
-
const token = await signJWT(secret, { userId: 42 }, '30 minutes');
|
|
43
|
-
const token = await signJWT(secret, { userId: 42 }, '7 days');
|
|
44
36
|
```
|
|
45
37
|
|
|
46
38
|
The secret must be at least 32 characters long (HS256 requirement). Any shorter and it throws immediately — better to catch it at startup than in production.
|
package/dist/index.js
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
// @bun
|
|
2
2
|
// src/jwt.ts
|
|
3
|
-
import { parseHumanTimeToSeconds } from "@dws-std/common";
|
|
4
3
|
import { Exception } from "@dws-std/error";
|
|
5
4
|
import { SignJWT, errors, jwtVerify } from "jose";
|
|
6
5
|
var JWT_ERROR_KEYS = {
|
|
@@ -11,18 +10,18 @@ var JWT_ERROR_KEYS = {
|
|
|
11
10
|
JWT_UNAUTHORIZED: "jwt.unauthorized"
|
|
12
11
|
};
|
|
13
12
|
var _textEncoder = new TextEncoder;
|
|
14
|
-
var signJWT = (secret, payload,
|
|
13
|
+
var signJWT = (secret, payload, expirationSeconds = 60 * 15) => {
|
|
15
14
|
if (secret.length < 32)
|
|
16
15
|
throw new Exception("Secret key must be at least 32 characters long", {
|
|
17
16
|
key: JWT_ERROR_KEYS.JWT_SECRET_TOO_WEAK,
|
|
18
17
|
cause: { providedLength: secret.length }
|
|
19
18
|
});
|
|
20
19
|
const nowSeconds = Math.floor(Date.now() / 1000);
|
|
21
|
-
const exp =
|
|
20
|
+
const exp = nowSeconds + expirationSeconds;
|
|
22
21
|
if (exp <= nowSeconds)
|
|
23
22
|
throw new Exception("Expiration time must be in the future", {
|
|
24
23
|
key: JWT_ERROR_KEYS.JWT_EXPIRATION_PASSED,
|
|
25
|
-
cause: {
|
|
24
|
+
cause: { providedExpirationSeconds: expirationSeconds }
|
|
26
25
|
});
|
|
27
26
|
const finalPayload = {
|
|
28
27
|
iss: "DWS-Issuer",
|
package/dist/jwt.d.ts
CHANGED
|
@@ -15,13 +15,13 @@ export interface VerifyOptions {
|
|
|
15
15
|
*
|
|
16
16
|
* @param secret - The secret key used for HS256 signing (minimum 32 characters)
|
|
17
17
|
* @param payload - The JWT payload claims
|
|
18
|
-
* @param
|
|
18
|
+
* @param expirationSeconds - Token expiration as a seconds offset from now (default: 15 minutes)
|
|
19
19
|
*
|
|
20
20
|
* @throws ({@link Exception}) - If secret is too short, expiration is in the past, or signing fails
|
|
21
21
|
*
|
|
22
22
|
* @returns A Promise resolving to the signed JWT string
|
|
23
23
|
*/
|
|
24
|
-
export declare const signJWT: (secret: string, payload: JWTPayload,
|
|
24
|
+
export declare const signJWT: (secret: string, payload: JWTPayload, expirationSeconds?: number) => Promise<string>;
|
|
25
25
|
/**
|
|
26
26
|
* Verifies a JWT token and throws Exception on failure
|
|
27
27
|
*
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dws-std/jwt",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.2.0",
|
|
4
4
|
"description": "JWT utilities and helpers for secure token management.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"bun",
|
|
@@ -41,19 +41,17 @@
|
|
|
41
41
|
"test": "bun test --pass-with-no-tests --coverage"
|
|
42
42
|
},
|
|
43
43
|
"dependencies": {
|
|
44
|
-
"@dws-std/common": "^1.1.1",
|
|
45
44
|
"@dws-std/error": "^2.2.1",
|
|
46
45
|
"jose": "^6.2.3"
|
|
47
46
|
},
|
|
48
47
|
"devDependencies": {
|
|
49
48
|
"@types/bun": "^1.3.14",
|
|
50
|
-
"oxfmt": "0.
|
|
51
|
-
"oxlint": "1.
|
|
49
|
+
"oxfmt": "0.54.0",
|
|
50
|
+
"oxlint": "1.69.0",
|
|
52
51
|
"oxlint-tsgolint": "0.23.0",
|
|
53
52
|
"typescript": "^6.0.3"
|
|
54
53
|
},
|
|
55
54
|
"peerDependencies": {
|
|
56
|
-
"@dws-std/common": "^1.1.1",
|
|
57
55
|
"@dws-std/error": "^2.2.1"
|
|
58
56
|
}
|
|
59
57
|
}
|