@dwtechs/toker-express 0.1.0 → 0.1.1
- package/dist/toker-express.js +13 -13
- package/package.json +4 -4
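--- a/package/dist/toker-express.js
+++ b/package/dist/toker-express.js
@@ -40,9 +40,9 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
 const { TOKEN_SECRET, ACCESS_TOKEN_DURATION, REFRESH_TOKEN_DURATION } = process.env;
 const TE_PREFIX = "Toker-express: ";
 if (!TOKEN_SECRET)
-throw new Error(`${TE_PREFIX}
+throw new Error(`${TE_PREFIX}Missing TOKEN_SECRET environment variable`);
 if (!isString(TOKEN_SECRET, "!0"))
-throw new Error(`${TE_PREFIX}
+throw new Error(`${TE_PREFIX}Invalid TOKEN_SECRET environment variable`);
 const secrets = [TOKEN_SECRET];
 const accessDuration = isNumber(ACCESS_TOKEN_DURATION, false) ? ACCESS_TOKEN_DURATION : 600;
 const refreshDuration = isNumber(REFRESH_TOKEN_DURATION, false) ? REFRESH_TOKEN_DURATION : 86400;
@@ -51,8 +51,8 @@ function refresh(req, res, next) {
 var _a, _b, _c;
 const iss = ((_a = req.decodedAccessToken) === null || _a === void 0 ? void 0 : _a.iss) || ((_c = (_b = req.body) === null || _b === void 0 ? void 0 : _b.id) === null || _c === void 0 ? void 0 : _c.toString());
 if (!isValidNumber(iss, 1, 999999999, false))
-return next({ statusCode: 400, message: `${TE_PREFIX}
-log.debug(
+return next({ statusCode: 400, message: `${TE_PREFIX}Missing iss` });
+log.debug(`${TE_PREFIX}Create tokens for user ${iss}`);
 let accessToken;
 let refreshToken;
 try {
@@ -68,7 +68,7 @@ function refresh(req, res, next) {
 });
 }
 function decodeAccess(req, _res, next) {
-log.debug(
+log.debug(`${TE_PREFIX}decode access token`);
 if (!req.isProtected)
 return next();
 let t;
@@ -78,9 +78,9 @@ function decodeAccess(req, _res, next) {
 catch (e) {
 return next(e);
 }
-log.debug(
+log.debug(`${TE_PREFIX}accessToken : ${t}`);
 if (!isJWT(t))
-return next({ statusCode: 401, message: `${TE_PREFIX}
+return next({ statusCode: 401, message: `${TE_PREFIX}Invalid access token` });
 let decodedToken = null;
 try {
 decodedToken = verify(t, secrets, true);
@@ -89,17 +89,17 @@ function decodeAccess(req, _res, next) {
 return next(e);
 }
 if (!isValidNumber(decodedToken.iss, 1, 999999999, false))
-return next({ statusCode: 400, message: `${TE_PREFIX}
-log.debug(
+return next({ statusCode: 400, message: `${TE_PREFIX}Missing iss` });
+log.debug(`${TE_PREFIX}Decoded access token : ${JSON.stringify(decodedToken)}`);
 req.decodedAccessToken = decodedToken;
 next();
 }
 function decodeRefresh(req, _res, next) {
 return __awaiter(this, void 0, void 0, function* () {
 const token = req.body.refreshToken;
-log.debug(
+log.debug(`${TE_PREFIX}decodeRefresh(token=${token})`);
 if (!isJWT(token))
-return next({ statusCode: 401, message: `${TE_PREFIX}
+return next({ statusCode: 401, message: `${TE_PREFIX}Invalid refresh token` });
 let decodedToken = null;
 try {
 decodedToken = verify(token, secrets, false);
@@ -108,8 +108,8 @@ function decodeRefresh(req, _res, next) {
 return next(e);
 }
 if (!isValidNumber(decodedToken.iss, 1, 999999999, false))
-return next({ statusCode: 400, message: `${TE_PREFIX}
-log.debug(
+return next({ statusCode: 400, message: `${TE_PREFIX}Missing iss` });
+log.debug(`${TE_PREFIX}Decoded refresh token : ${JSON.stringify(req.decodedRefreshToken)}`);
 req.decodedRefreshToken = decodedToken;
 next();
 });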
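Review bot: The debug statements in decodeAccess and decodeRefresh write live credentials to the log: `accessToken : ${t}` (new line 81) and `decodeRefresh(token=${token})` (new line 100) interpolate the raw access and refresh tokens, the latter straight from `req.body.refreshToken` before `isJWT` has checked it. Anyone who can read debug output could reuse a token until it expires, and new line 93 additionally dumps every claim via `JSON.stringify(decodedToken)`; drop the interpolations and log only a non-secret identifier such as `decodedToken.iss` once `verify` has succeeded. Separately, new line 112 stringifies `req.decodedRefreshToken` one line before it is assigned, so it prints whatever was there before (probably `undefined`) rather than the token just verified; it should reference `decodedToken`. Both function bodies are only partly visible in these hunks and the removed lines are truncated on the page, so whether 0.1.0 logged the same values cannot be told from here.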
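--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@dwtechs/toker-express",
-"version": "0.1.
+"version": "0.1.1",
 "description": "Open source JWT management library for Express.js to refresh and decode tokens safely.",
 "keywords": [
 "JWT",
@@ -37,9 +37,9 @@
 "dist/"
 ],
 "dependencies": {
-"@dwtechs/checkard": "3.
-"@dwtechs/toker": "0.1.
-"@dwtechs/winstan": "0.
+"@dwtechs/checkard": "3.5.1",
+"@dwtechs/toker": "0.1.1",
+"@dwtechs/winstan": "0.4.0"
 },
 "devDependencies": {
 "@types/express": "5.0.0",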