npm - @elysiajs/jwt - Versions diffs - 0.6.1 → 0.6.2 - Mend

@elysiajs/jwt 0.6.1 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +2 -2
package/src/index.ts +177 -0

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@elysiajs/jwt",
   "description": "Plugin for Elysia for using JWT Authentication",
-  "version": "0.6.1",
+  "version": "0.6.2",
   "author": {
     "name": "saltyAom",
     "url": "https://github.com/SaltyAom",
@@ -52,4 +52,4 @@
   "peerDependencies": {
     "elysia": ">= 0.5.12"
   }
-}
+}

package/src/index.ts ADDED Viewed

@@ -0,0 +1,177 @@
+import {
+    ValidationError,
+    getSchemaValidator,
+    Elysia,
+    type Context,
+    ElysiaInstance
+} from 'elysia'
+import {
+    SignJWT,
+    jwtVerify,
+    type JWTPayload,
+    type JWSHeaderParameters
+} from 'jose'
+import { Type as t } from '@sinclair/typebox'
+import type { Static, TObject, TSchema } from '@sinclair/typebox'
+type UnwrapSchema<
+    Schema extends TSchema | undefined,
+    Fallback = unknown
+> = Schema extends TSchema ? Static<NonNullable<Schema>> : Fallback
+export interface JWTPayloadSpec {
+    iss?: string
+    sub?: string
+    aud?: string | string[]
+    jti?: string
+    nbf?: number
+    exp?: number
+    iat?: number
+}
+export interface JWTOption<
+    Name extends string | undefined = 'jwt',
+    Schema extends TSchema | undefined = undefined
+> extends JWSHeaderParameters,
+        Omit<JWTPayload, 'nbf' | 'exp'> {
+    /**
+     * Name to decorate method as
+     *
+     * ---
+     * @example
+     * For example, `jwt` will decorate Context with `Context.jwt`
+     *
+     * ```typescript
+     * app
+     *     .decorate({
+     *         name: 'myJWTNamespace',
+     *         secret: process.env.JWT_SECRETS
+     *     })
+     *     .get('/sign/:name', ({ myJWTNamespace, params }) => {
+     *         return myJWTNamespace.sign(params)
+     *     })
+     * ```
+     */
+    name?: Name
+    /**
+     * JWT Secret
+     */
+    secret: string
+    /**
+     * Type strict validation for JWT payload
+     */
+    schema?: Schema
+    /**
+     * JWT Not Before
+     *
+     * @see [RFC7519#section-4.1.5](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5)
+     */
+    nbf?: string | number
+    /**
+     * JWT Expiration Time
+     *
+     * @see [RFC7519#section-4.1.4](https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4)
+     */
+    exp?: string | number
+}
+export const jwt = <
+    Name extends string = 'jwt',
+    Schema extends TSchema | undefined = undefined
+>({
+    name = 'jwt' as Name,
+    secret,
+    // Start JWT Header
+    alg = 'HS256',
+    crit,
+    schema,
+    // End JWT Header
+    // Start JWT Payload
+    nbf,
+    exp,
+    ...payload
+}: // End JWT Payload
+JWTOption<Name, Schema>) => {
+    if (!secret) throw new Error("Secret can't be empty")
+    const key = new TextEncoder().encode(secret)
+    const validator = schema
+        ? getSchemaValidator(
+              t.Union([
+                  schema as any,
+                  t.Object({
+                      iss: t.Optional(t.String()),
+                      sub: t.Optional(t.String()),
+                      aud: t.Optional(
+                          t.Union([t.String(), t.Array(t.String())])
+                      ),
+                      jti: t.Optional(t.String()),
+                      nbf: t.Optional(t.Union([t.String(), t.Number()])),
+                      exp: t.Optional(t.Union([t.String(), t.Number()])),
+                      iat: t.Optional(t.String())
+                  })
+              ]) as any,
+              {}
+          )
+        : undefined
+    return new Elysia({
+        name: '@elysiajs/jwt',
+        seed: {
+            name,
+            secret,
+            alg,
+            crit,
+            schema,
+            nbf,
+            exp,
+            ...payload
+        }
+    }).decorate(name as Name extends string ? Name : 'jwt', {
+        sign: (
+            morePayload: UnwrapSchema<Schema, Record<string, string>> &
+                JWTPayloadSpec
+        ) => {
+            let jwt = new SignJWT({
+                ...payload,
+                ...morePayload,
+                nbf: undefined,
+                exp: undefined
+            }).setProtectedHeader({
+                alg,
+                crit
+            })
+            if (nbf) jwt = jwt.setNotBefore(nbf)
+            if (exp) jwt = jwt.setExpirationTime(exp)
+            return jwt.sign(key)
+        },
+        verify: async (
+            jwt?: string
+        ): Promise<
+            | (UnwrapSchema<Schema, Record<string, string>> & JWTPayloadSpec)
+            | false
+        > => {
+            if (!jwt) return false
+            try {
+                const data: any = (await jwtVerify(jwt, key)).payload
+                if (validator && !validator!.Check(data))
+                    throw new ValidationError('JWT', validator, data)
+                return data
+            } catch (_) {
+                return false
+            }
+        }
+    })
+}
+export default jwt