@dwtechs/toker-express 0.1.1 → 0.2.0

package/README.md

@@ -2,6 +2,7 @@
 [![License: MIT](https://img.shields.io/npm/l/@dwtechs/toker-express.svg?color=brightgreen)](https://opensource.org/licenses/MIT)
 [![npm version](https://badge.fury.io/js/%40dwtechs%2Ftoker-express.svg)](https://www.npmjs.com/package/@dwtechs/toker-express)
 [![last version release date](https://img.shields.io/github/release-date/DWTechs/Toker-express.js)](https://www.npmjs.com/package/@dwtechs/toker-express)
+![Jest:coverage](https://img.shields.io/badge/Jest:coverage-95%25-brightgreen.svg)
 
 
 - [Synopsis](#synopsis)
@@ -124,16 +125,16 @@ const refreshDuration = isNumber(REFRESH_TOKEN_DURATION, false) ? REFRESH_TOKEN_
 /**
  * Refreshes the JWT tokens for a user.
  *
- * This function generates new access and refresh tokens for a user based on the provided
- * decoded access token or user ID in the request body. It validates the issuer (iss) and
+ * This function generates new access and refresh tokens for a consumer based on the provided
+ * decoded access token from req.decodedAccessToken or user ID from req.body.rows[0].id. It validates the issuer (iss) and
  * creates new tokens if the validation is successful. The new tokens are then added to the
- * response object.
+ * response locals object and optionally to req.body.rows[0] if rows is an array with at least one element.
  *
- * @param {Request} req - The request object containing the decoded access token or user ID.
- * @param {MyResponse} res - The response object where the new tokens will be added.
+ * @param {Request} req - The request object containing req.decodedAccessToken or req.body.rows[0].id.
+ * @param {Response} res - The response object where the new tokens will be added in res.locals.
  * @param {NextFunction} next - The next middleware function in the Express.js request-response cycle.
  *
- * @returns {Promise<void>} Calls the next middleware function with an error if the issuer is invalid,
+ * @returns {void} Calls the next middleware function with an error if the issuer is invalid,
  *          otherwise proceeds to the next middleware function.
  * 
  * @throws {InvalidIssuerError} If the issuer (iss) is not a string or number (HTTP 400)
@@ -142,15 +143,14 @@ const refreshDuration = isNumber(REFRESH_TOKEN_DURATION, false) ? REFRESH_TOKEN_
  * @throws {InvalidBase64Secret} If the secret cannot be decoded from base64 (HTTP 500)
  * @throws {Object} Will call next() with error object containing:
  *   - statusCode: 400 - When iss (issuer) is missing or invalid
- *   - statusCode: 400 - When iss is not a valid number between 1 and 999999999
  */
-function refresh(req: Request, res: MyResponse, next: NextFunction): void {}
+function refresh(req: Request, res: Response, next: NextFunction): void {}
 
 /**
  * Express middleware function to decode and verify an access token from the Authorization header.
  * 
  * This middleware extracts the JWT access token from the Authorization header, validates its format,
- * verifies its signature, and attaches the decoded token to the request object for use by subsequent
+ * verifies its signature, and attaches the decoded token to req.decodedAccessToken for use by subsequent
  * middleware. It only processes requests that have `req.isProtected` set to true.
  * 
  * @param {Request} req - The Express request object containing the Authorization header
@@ -171,14 +171,6 @@ function refresh(req: Request, res: MyResponse, next: NextFunction): void {}
  *   - statusCode: 401 - When token is not a valid JWT format
  *   - statusCode: 400 - When decoded token is missing required 'iss' claim
  * 
- * @example
- * ```typescript
- * // Usage in Express route with protection middleware
- * const protect = (req: Request, res: Response, next: NextFunction) => {
- *   req.isProtected = true;
- *   next();
- * };
- * 
  */
 function decodeAccess(req: Request, _res: Response, next: NextFunction): void {}
 
@@ -189,7 +181,7 @@ function decodeAccess(req: Request, _res: Response, next: NextFunction): void {}
  * @param {Response} _res - The response object (not used in this function).
  * @param {NextFunction} next - The next middleware function to be called.
  * 
- * @returns {Promise<void>} Calls the next middleware function with an error object if the token is invalid or missing required fields.
+ * @returns {void} Calls the next middleware function with an error object if the token is invalid or required fields are missing.
  * 
  * @throws {InvalidTokenError} If the token is malformed or has invalid structure (HTTP 401)
  * @throws {InvalidSecretsError} If the secrets configuration is invalid (HTTP 500)
@@ -210,13 +202,19 @@ function decodeRefresh(req: Request, _res: Response, next: NextFunction): void {
 This function will look for an ISS in the client request body :
 
 ```Javascript
-const iss = req.body.decodedAccessToken?.iss || req.body?.id?.toString();
+const iss = req.decodedAccessToken?.iss || (isArray(req.body.rows, null, 1) ? req.body.rows[0]?.id?.toString() : null);
 ```
 
-It will then send both new refresh and access tokens in the res object.
+It will then send both new refresh and access tokens in the res.locals and req.body objects.
 
 ```Javascript
-res.rows = [{ accessToken, refreshToken }];
+res.locals.accessToken = accessToken;
+res.locals.refreshToken = refreshToken;
+
+if (isArray(req.body.rows)) {
+  req.body.rows[0].accessToken = accessToken;
+  req.body.rows[0].refreshToken = refreshToken;
+}
 ```
 
 ### JWT Decoding

package/dist/toker-express.d.ts

@@ -25,7 +25,6 @@ https://github.com/DWTechs/Toker-express.js
 */
 
 import type { Request, Response, NextFunction } from 'express';
-import type { MyResponse } from './interfaces';
 
 // Extend Express Request interface globally
 declare global {
@@ -38,9 +37,9 @@ declare global {
   }
 }
 
-declare function refresh(req: Request, res: MyResponse, next: NextFunction): Promise<void>;
+declare function refresh(req: Request, res: Response, next: NextFunction): void;
 declare function decodeAccess(req: Request, _res: Response, next: NextFunction): void;
-declare function decodeRefresh(req: Request, _res: Response, next: NextFunction): Promise<void>;
+declare function decodeRefresh(req: Request, _res: Response, next: NextFunction): void;
 
 export { 
   refresh,

package/dist/toker-express.js

@@ -25,50 +25,50 @@ https://github.com/DWTechs/Toker-express.js
 */
 
 import { sign, parseBearer, verify } from '@dwtechs/toker';
-import { isString, isNumber, isValidNumber, isJWT } from '@dwtechs/checkard';
+import { isString, isNumber, isArray, isValidNumber, isJWT } from '@dwtechs/checkard';
 import { log } from '@dwtechs/winstan';
 
-var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
 const { TOKEN_SECRET, ACCESS_TOKEN_DURATION, REFRESH_TOKEN_DURATION } = process.env;
-const TE_PREFIX = "Toker-express: ";
+const LOGS_PREFIX = "Toker-express: ";
 if (!TOKEN_SECRET)
-    throw new Error(`${TE_PREFIX}Missing TOKEN_SECRET environment variable`);
+    throw new Error(`${LOGS_PREFIX}Missing TOKEN_SECRET environment variable`);
 if (!isString(TOKEN_SECRET, "!0"))
-    throw new Error(`${TE_PREFIX}Invalid TOKEN_SECRET environment variable`);
+    throw new Error(`${LOGS_PREFIX}Invalid TOKEN_SECRET environment variable`);
 const secrets = [TOKEN_SECRET];
-const accessDuration = isNumber(ACCESS_TOKEN_DURATION, false) ? ACCESS_TOKEN_DURATION : 600;
-const refreshDuration = isNumber(REFRESH_TOKEN_DURATION, false) ? REFRESH_TOKEN_DURATION : 86400;
+const accessDuration = isNumber(ACCESS_TOKEN_DURATION, false) ? Number(ACCESS_TOKEN_DURATION) : 600;
+const refreshDuration = isNumber(REFRESH_TOKEN_DURATION, false) ? Number(REFRESH_TOKEN_DURATION) : 86400;
 function refresh(req, res, next) {
-    return __awaiter(this, void 0, void 0, function* () {
-        var _a, _b, _c;
-        const iss = ((_a = req.decodedAccessToken) === null || _a === void 0 ? void 0 : _a.iss) || ((_c = (_b = req.body) === null || _b === void 0 ? void 0 : _b.id) === null || _c === void 0 ? void 0 : _c.toString());
-        if (!isValidNumber(iss, 1, 999999999, false))
-            return next({ statusCode: 400, message: `${TE_PREFIX}Missing iss` });
-        log.debug(`${TE_PREFIX}Create tokens for user ${iss}`);
-        let accessToken;
-        let refreshToken;
-        try {
-            accessToken = sign(iss, accessDuration, "access", secrets);
-            refreshToken = sign(iss, refreshDuration, "refresh", secrets);
-        }
-        catch (err) {
-            return next(err);
-        }
-        log.debug(`refreshToken='${refreshToken}', accessToken='${accessToken}'`);
-        res.rows = [{ accessToken, refreshToken }];
-        next();
-    });
+    var _a, _b, _c;
+    let iss = (_a = req.decodedAccessToken) === null || _a === void 0 ? void 0 : _a.iss;
+    const rbr = req.body.rows;
+    let rbrIsArray = false;
+    if (!iss) {
+        rbrIsArray = isArray(rbr, null, 1);
+        iss = rbrIsArray ? (_c = (_b = rbr[0]) === null || _b === void 0 ? void 0 : _b.id) === null || _c === void 0 ? void 0 : _c.toString() : null;
+    }
+    if (!isValidNumber(iss, 1, 999999999, false))
+        return next({ statusCode: 400, message: `${LOGS_PREFIX}Missing iss` });
+    log.debug(`${LOGS_PREFIX}Create tokens for user ${iss}`);
+    let at;
+    let rt;
+    try {
+        at = sign(iss, accessDuration, "access", secrets);
+        rt = sign(iss, refreshDuration, "refresh", secrets);
+    }
+    catch (err) {
+        return next(err);
+    }
+    log.debug(`refreshToken='${rt}', accessToken='${at}'`);
+    res.locals.accessToken = at;
+    res.locals.refreshToken = rt;
+    if (rbrIsArray) {
+        rbr[0].accessToken = at;
+        rbr[0].refreshToken = rt;
+    }
+    next();
 }
 function decodeAccess(req, _res, next) {
-    log.debug(`${TE_PREFIX}decode access token`);
+    log.debug(`${LOGS_PREFIX}decode access token`);
     if (!req.isProtected)
         return next();
     let t;
@@ -78,41 +78,40 @@ function decodeAccess(req, _res, next) {
     catch (e) {
         return next(e);
     }
-    log.debug(`${TE_PREFIX}accessToken : ${t}`);
+    log.debug(`${LOGS_PREFIX}accessToken : ${t}`);
     if (!isJWT(t))
-        return next({ statusCode: 401, message: `${TE_PREFIX}Invalid access token` });
-    let decodedToken = null;
+        return next({ statusCode: 401, message: `${LOGS_PREFIX}Invalid access token` });
+    let dt = null;
     try {
-        decodedToken = verify(t, secrets, true);
+        dt = verify(t, secrets, true);
     }
     catch (e) {
         return next(e);
     }
-    if (!isValidNumber(decodedToken.iss, 1, 999999999, false))
-        return next({ statusCode: 400, message: `${TE_PREFIX}Missing iss` });
-    log.debug(`${TE_PREFIX}Decoded access token : ${JSON.stringify(decodedToken)}`);
-    req.decodedAccessToken = decodedToken;
+    if (!isValidNumber(dt.iss, 1, 999999999, false))
+        return next({ statusCode: 400, message: `${LOGS_PREFIX}Missing iss` });
+    log.debug(`${LOGS_PREFIX}Decoded access token : ${JSON.stringify(dt)}`);
+    req.decodedAccessToken = dt;
     next();
 }
 function decodeRefresh(req, _res, next) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const token = req.body.refreshToken;
-        log.debug(`${TE_PREFIX}decodeRefresh(token=${token})`);
-        if (!isJWT(token))
-            return next({ statusCode: 401, message: `${TE_PREFIX}Invalid refresh token` });
-        let decodedToken = null;
-        try {
-            decodedToken = verify(token, secrets, false);
-        }
-        catch (e) {
-            return next(e);
-        }
-        if (!isValidNumber(decodedToken.iss, 1, 999999999, false))
-            return next({ statusCode: 400, message: `${TE_PREFIX}Missing iss` });
-        log.debug(`${TE_PREFIX}Decoded refresh token : ${JSON.stringify(req.decodedRefreshToken)}`);
-        req.decodedRefreshToken = decodedToken;
-        next();
-    });
+    var _a;
+    const token = (_a = req.body) === null || _a === void 0 ? void 0 : _a.refreshToken;
+    log.debug(`${LOGS_PREFIX}decodeRefresh(token=${token})`);
+    if (!isJWT(token))
+        return next({ statusCode: 401, message: `${LOGS_PREFIX}Invalid refresh token` });
+    let dt = null;
+    try {
+        dt = verify(token, secrets, false);
+    }
+    catch (e) {
+        return next(e);
+    }
+    if (!isValidNumber(dt.iss, 1, 999999999, false))
+        return next({ statusCode: 400, message: `${LOGS_PREFIX}Missing iss` });
+    log.debug(`${LOGS_PREFIX}Decoded refresh token : ${JSON.stringify(dt)}`);
+    req.decodedRefreshToken = dt;
+    next();
 }
 
 export { decodeAccess, decodeRefresh, refresh };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dwtechs/toker-express",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "description": "Open source JWT management library for Express.js to refresh and decode tokens safely.",
   "keywords": [
     "JWT",
@@ -31,21 +31,24 @@
     "rollup:mjs": "rollup --config rollup.config.mjs",
     "rollup:cjs": "rollup --config rollup.config.cjs.mjs",
     "rollup": "npm run rollup:mjs",
-    "test": ""
+    "test": "jest --coverage"
   },
   "files": [
     "dist/"
   ],
   "dependencies": {
-    "@dwtechs/checkard": "3.5.1",
+    "@dwtechs/checkard": "3.6.0",
     "@dwtechs/toker": "0.1.1",
-    "@dwtechs/winstan": "0.4.0"
+    "@dwtechs/winstan": "0.5.0"
   },
   "devDependencies": {
-    "@types/express": "5.0.0",
+    "@babel/preset-env": "7.26.0",
     "@rollup/plugin-node-resolve": "15.3.0",
+    "@types/express": "5.0.3",
+    "babel-jest": "29.7.0",
     "core-js": "3.38.1",
+    "jest": "29.7.0",
     "rollup": "4.24.0",
-    "typescript": "5.6.3"
+    "typescript": "5.9.2"
   }
 }