@naman_deep_singh/security 1.3.0 → 1.3.1

package/README.md

@@ -1,6 +1,6 @@
 # @naman_deep_singh/security
 
-**Version:** 1.3.0
+**Version:** 1.3.1
 
 A complete, lightweight security toolkit for Node.js & TypeScript providing:
 

package/dist/cjs/core/crypto/cryptoManager.js

@@ -8,7 +8,7 @@ const index_1 = require("./index");
 const DEFAULT_CONFIG = {
     defaultAlgorithm: 'aes-256-gcm',
     defaultEncoding: 'utf8',
-    hmacAlgorithm: 'sha256'
+    hmacAlgorithm: 'sha256',
 };
 /**
  * CryptoManager - Class-based wrapper for all cryptographic operations
@@ -106,8 +106,14 @@ class CryptoManager {
             const crypto = require('crypto');
             const keyPair = crypto.generateKeyPairSync('rsa', {
                 modulusLength: options?.modulusLength || 2048,
-                publicKeyEncoding: options?.publicKeyEncoding || { type: 'spki', format: 'pem' },
-                privateKeyEncoding: options?.privateKeyEncoding || { type: 'pkcs8', format: 'pem' }
+                publicKeyEncoding: options?.publicKeyEncoding || {
+                    type: 'spki',
+                    format: 'pem',
+                },
+                privateKeyEncoding: options?.privateKeyEncoding || {
+                    type: 'pkcs8',
+                    format: 'pem',
+                },
             });
             resolve(keyPair);
         });

package/dist/cjs/core/crypto/decrypt.js

@@ -5,17 +5,17 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.decrypt = void 0;
 const crypto_1 = __importDefault(require("crypto"));
-const ALGO = "AES-256-GCM";
+const ALGO = 'AES-256-GCM';
 const decrypt = (data, secret) => {
-    const [ivHex, encryptedHex] = data.split(":");
-    const iv = Buffer.from(ivHex, "hex");
-    const encrypted = Buffer.from(encryptedHex, "hex");
-    const key = crypto_1.default.createHash("sha256").update(secret).digest();
+    const [ivHex, encryptedHex] = data.split(':');
+    const iv = Buffer.from(ivHex, 'hex');
+    const encrypted = Buffer.from(encryptedHex, 'hex');
+    const key = crypto_1.default.createHash('sha256').update(secret).digest();
     const decipher = crypto_1.default.createDecipheriv(ALGO, key, iv);
     const decrypted = Buffer.concat([
         decipher.update(encrypted),
         decipher.final(),
     ]);
-    return decrypted.toString("utf8");
+    return decrypted.toString('utf8');
 };
 exports.decrypt = decrypt;

package/dist/cjs/core/crypto/encrypt.js

@@ -5,12 +5,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.encrypt = void 0;
 const crypto_1 = __importDefault(require("crypto"));
-const ALGO = "AES-256-GCM";
+const ALGO = 'AES-256-GCM';
 const encrypt = (text, secret) => {
-    const key = crypto_1.default.createHash("sha256").update(secret).digest();
+    const key = crypto_1.default.createHash('sha256').update(secret).digest();
     const iv = crypto_1.default.randomBytes(16);
     const cipher = crypto_1.default.createCipheriv(ALGO, key, iv);
-    const encrypted = Buffer.concat([cipher.update(text, "utf8"), cipher.final()]);
-    return `${iv.toString("hex")}:${encrypted.toString("hex")}`;
+    const encrypted = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
+    return `${iv.toString('hex')}:${encrypted.toString('hex')}`;
 };
 exports.encrypt = encrypt;

package/dist/cjs/core/crypto/hmac.js

@@ -9,7 +9,7 @@ const crypto_1 = __importDefault(require("crypto"));
  * Sign message using HMAC SHA-256
  */
 const hmacSign = (message, secret) => {
-    return crypto_1.default.createHmac("sha256", secret).update(message).digest("hex");
+    return crypto_1.default.createHmac('sha256', secret).update(message).digest('hex');
 };
 exports.hmacSign = hmacSign;
 /**

package/dist/cjs/core/crypto/index.d.ts

@@ -1,5 +1,5 @@
-export { decrypt } from "./decrypt";
-export { encrypt } from "./encrypt";
-export { hmacSign, hmacVerify } from "./hmac";
-export { randomToken, generateStrongPassword } from "./random";
-export * from "./cryptoManager";
+export { decrypt } from './decrypt';
+export { encrypt } from './encrypt';
+export { hmacSign, hmacVerify } from './hmac';
+export { randomToken, generateStrongPassword } from './random';
+export * from './cryptoManager';

package/dist/cjs/core/crypto/random.js

@@ -9,13 +9,13 @@ const crypto_1 = __importDefault(require("crypto"));
  * Generate cryptographically secure random string
  */
 const randomToken = (length = 32) => {
-    return crypto_1.default.randomBytes(length).toString("hex");
+    return crypto_1.default.randomBytes(length).toString('hex');
 };
 exports.randomToken = randomToken;
 /**
  * Generate a strong random password
  */
 const generateStrongPassword = (length = 16) => {
-    return crypto_1.default.randomBytes(length).toString("hex").slice(0, length);
+    return crypto_1.default.randomBytes(length).toString('hex').slice(0, length);
 };
 exports.generateStrongPassword = generateStrongPassword;

package/dist/cjs/core/jwt/decode.d.ts

@@ -1,4 +1,4 @@
-import { JwtPayload } from "jsonwebtoken";
+import { type JwtPayload } from 'jsonwebtoken';
 /**
  * Flexible decode
  * Returns: null | string | JwtPayload

package/dist/cjs/core/jwt/decode.js

@@ -18,8 +18,8 @@ function decodeToken(token) {
  */
 function decodeTokenStrict(token) {
     const decoded = (0, jsonwebtoken_1.decode)(token);
-    if (!decoded || typeof decoded === "string") {
-        throw new Error("Invalid JWT payload structure");
+    if (!decoded || typeof decoded === 'string') {
+        throw new Error('Invalid JWT payload structure');
     }
     return decoded;
 }

package/dist/cjs/core/jwt/extractToken.js

@@ -8,16 +8,16 @@ function extractToken(sources) {
     const { header, cookies, query, body, wsMessage } = sources;
     // 1. Authorization: Bearer <token>
     if (header) {
-        const parts = header.split(" ");
-        if (parts.length === 2 && parts[0] === "Bearer")
+        const parts = header.split(' ');
+        if (parts.length === 2 && parts[0] === 'Bearer')
             return parts[1];
     }
     // 2. Cookies: token / accessToken
     if (cookies) {
-        if (cookies["token"])
-            return cookies["token"];
-        if (cookies["accessToken"])
-            return cookies["accessToken"];
+        if (cookies['token'])
+            return cookies['token'];
+        if (cookies['accessToken'])
+            return cookies['accessToken'];
     }
     // 3. Query params: ?token=xxx
     if (query?.token)
@@ -30,7 +30,7 @@ function extractToken(sources) {
         try {
             let msg = wsMessage;
             // If it's a JSON string → parse safely
-            if (typeof wsMessage === "string") {
+            if (typeof wsMessage === 'string') {
                 msg = JSON.parse(wsMessage);
             }
             // Ensure msg is an object before property access

package/dist/cjs/core/jwt/generateTokens.d.ts

@@ -1,4 +1,4 @@
-import { Secret } from "jsonwebtoken";
-import { RefreshToken, TokenPair } from "./types";
+import { type Secret } from 'jsonwebtoken';
+import type { RefreshToken, TokenPair } from './types';
 export declare const generateTokens: (payload: Record<string, unknown>, accessSecret: Secret, refreshSecret: Secret, accessExpiry?: string | number, refreshExpiry?: string | number) => TokenPair;
 export declare function rotateRefreshToken(oldToken: string, secret: Secret): RefreshToken;

package/dist/cjs/core/jwt/generateTokens.js

@@ -8,9 +8,13 @@ const verify_1 = require("./verify");
 const createBrandedToken = (token, _brand) => {
     return token;
 };
-const generateTokens = (payload, accessSecret, refreshSecret, accessExpiry = "15m", refreshExpiry = "7d") => {
-    const accessToken = (0, signToken_1.signToken)(payload, accessSecret, accessExpiry, { algorithm: "HS256" });
-    const refreshToken = (0, signToken_1.signToken)(payload, refreshSecret, refreshExpiry, { algorithm: "HS256" });
+const generateTokens = (payload, accessSecret, refreshSecret, accessExpiry = '15m', refreshExpiry = '7d') => {
+    const accessToken = (0, signToken_1.signToken)(payload, accessSecret, accessExpiry, {
+        algorithm: 'HS256',
+    });
+    const refreshToken = (0, signToken_1.signToken)(payload, refreshSecret, refreshExpiry, {
+        algorithm: 'HS256',
+    });
     return {
         accessToken: accessToken,
         refreshToken: refreshToken,
@@ -19,12 +23,12 @@ const generateTokens = (payload, accessSecret, refreshSecret, accessExpiry = "15
 exports.generateTokens = generateTokens;
 function rotateRefreshToken(oldToken, secret) {
     const decoded = (0, verify_1.verifyToken)(oldToken, secret);
-    if (typeof decoded === "string") {
-        throw new Error("Invalid token payload — expected JWT payload object");
+    if (typeof decoded === 'string') {
+        throw new Error('Invalid token payload — expected JWT payload object');
     }
     const payload = { ...decoded };
     delete payload.iat;
     delete payload.exp;
-    const newToken = (0, signToken_1.signToken)(payload, secret, "7d");
+    const newToken = (0, signToken_1.signToken)(payload, secret, '7d');
     return newToken;
 }

package/dist/cjs/core/jwt/index.d.ts

@@ -1,8 +1,8 @@
-export * from "./decode";
-export * from "./extractToken";
-export * from "./generateTokens";
-export * from "./parseDuration";
-export * from "./signToken";
-export * from "./types";
-export * from "./validateToken";
-export * from "./verify";
+export * from './decode';
+export * from './extractToken';
+export * from './generateTokens';
+export * from './parseDuration';
+export * from './signToken';
+export * from './types';
+export * from './validateToken';
+export * from './verify';

package/dist/cjs/core/jwt/jwtManager.d.ts

@@ -1,11 +1,12 @@
-import { JwtPayload, Secret } from "jsonwebtoken";
-import { ITokenManager, TokenPair, AccessToken, RefreshToken, JWTConfig, TokenValidationOptions } from "../../interfaces/jwt.interface";
+import { type JwtPayload, type Secret } from 'jsonwebtoken';
+import type { AccessToken, ITokenManager, JWTConfig, RefreshToken, TokenPair, TokenValidationOptions } from '../../interfaces/jwt.interface';
 export declare class JWTManager implements ITokenManager {
     private accessSecret;
     private refreshSecret;
     private accessExpiry;
     private refreshExpiry;
     private cache?;
+    private cacheTTL;
     constructor(config: JWTConfig);
     /**
      * Generate both access and refresh tokens

package/dist/cjs/core/jwt/jwtManager.js

@@ -8,51 +8,16 @@ const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
 const signToken_1 = require("./signToken");
 const verify_1 = require("./verify");
 const errors_utils_1 = require("@naman_deep_singh/errors-utils");
-// Simple LRU cache for token validation
-class TokenCache {
-    constructor(maxSize = 100, ttl = 5 * 60 * 1000) {
-        this.cache = new Map();
-        this.maxSize = maxSize;
-        this.ttl = ttl;
-    }
-    get(key) {
-        const entry = this.cache.get(key);
-        if (!entry)
-            return null;
-        if (Date.now() - entry.timestamp > this.ttl) {
-            this.cache.delete(key);
-            return null;
-        }
-        // Move to end (most recently used)
-        this.cache.delete(key);
-        this.cache.set(key, entry);
-        return { valid: entry.valid, payload: entry.payload };
-    }
-    set(key, value) {
-        if (this.cache.has(key)) {
-            this.cache.delete(key);
-        }
-        else if (this.cache.size >= this.maxSize) {
-            // Remove least recently used (first item)
-            const firstKey = this.cache.keys().next().value;
-            if (firstKey !== undefined) {
-                this.cache.delete(firstKey);
-            }
-        }
-        this.cache.set(key, { ...value, timestamp: Date.now() });
-    }
-    clear() {
-        this.cache.clear();
-    }
-}
+const js_extensions_1 = require("@naman_deep_singh/js-extensions");
 class JWTManager {
     constructor(config) {
         this.accessSecret = config.accessSecret;
         this.refreshSecret = config.refreshSecret;
-        this.accessExpiry = config.accessExpiry || "15m";
-        this.refreshExpiry = config.refreshExpiry || "7d";
+        this.accessExpiry = config.accessExpiry || '15m';
+        this.refreshExpiry = config.refreshExpiry || '7d';
+        this.cacheTTL = 5 * 60 * 1000; // 5 minutes default TTL
         if (config.enableCaching) {
-            this.cache = new TokenCache(config.maxCacheSize || 100);
+            this.cache = new js_extensions_1.LRUCache(config.maxCacheSize || 100);
         }
     }
     /**
@@ -69,10 +34,11 @@ class JWTManager {
             };
         }
         catch (error) {
-            if (error instanceof errors_utils_1.BadRequestError || error instanceof errors_utils_1.ValidationError) {
+            if (error instanceof errors_utils_1.BadRequestError ||
+                error instanceof errors_utils_1.ValidationError) {
                 throw error;
             }
-            throw new errors_utils_1.BadRequestError("Failed to generate tokens");
+            throw new errors_utils_1.BadRequestError('Failed to generate tokens');
         }
     }
     /**
@@ -81,14 +47,17 @@ class JWTManager {
     async generateAccessToken(payload) {
         try {
             this.validatePayload(payload);
-            const token = (0, signToken_1.signToken)(payload, this.accessSecret, this.accessExpiry, { algorithm: "HS256" });
+            const token = (0, signToken_1.signToken)(payload, this.accessSecret, this.accessExpiry, {
+                algorithm: 'HS256',
+            });
             return token;
         }
         catch (error) {
-            if (error instanceof errors_utils_1.BadRequestError || error instanceof errors_utils_1.ValidationError) {
+            if (error instanceof errors_utils_1.BadRequestError ||
+                error instanceof errors_utils_1.ValidationError) {
                 throw error;
             }
-            throw new errors_utils_1.BadRequestError("Failed to generate access token");
+            throw new errors_utils_1.BadRequestError('Failed to generate access token');
         }
     }
     /**
@@ -97,14 +66,17 @@ class JWTManager {
     async generateRefreshToken(payload) {
         try {
             this.validatePayload(payload);
-            const token = (0, signToken_1.signToken)(payload, this.refreshSecret, this.refreshExpiry, { algorithm: "HS256" });
+            const token = (0, signToken_1.signToken)(payload, this.refreshSecret, this.refreshExpiry, {
+                algorithm: 'HS256',
+            });
             return token;
         }
         catch (error) {
-            if (error instanceof errors_utils_1.BadRequestError || error instanceof errors_utils_1.ValidationError) {
+            if (error instanceof errors_utils_1.BadRequestError ||
+                error instanceof errors_utils_1.ValidationError) {
                 throw error;
             }
-            throw new errors_utils_1.BadRequestError("Failed to generate refresh token");
+            throw new errors_utils_1.BadRequestError('Failed to generate refresh token');
         }
     }
     /**
@@ -112,36 +84,41 @@ class JWTManager {
      */
     async verifyAccessToken(token) {
         try {
-            if (!token || typeof token !== "string") {
-                throw new errors_utils_1.ValidationError("Access token must be a non-empty string");
+            if (!token || typeof token !== 'string') {
+                throw new errors_utils_1.ValidationError('Access token must be a non-empty string');
             }
             const cacheKey = `access_${token}`;
             if (this.cache) {
                 const cached = this.cache.get(cacheKey);
-                if (cached) {
+                if (cached && Date.now() - cached.timestamp <= this.cacheTTL) {
                     if (!cached.valid) {
-                        throw new errors_utils_1.UnauthorizedError("Access token is invalid or expired");
+                        throw new errors_utils_1.UnauthorizedError('Access token is invalid or expired');
                     }
                     return cached.payload;
                 }
             }
             const decoded = (0, verify_1.verifyToken)(token, this.accessSecret);
             if (this.cache) {
-                this.cache.set(cacheKey, { valid: true, payload: decoded });
+                this.cache.set(cacheKey, {
+                    valid: true,
+                    payload: decoded,
+                    timestamp: Date.now(),
+                });
             }
             return decoded;
         }
         catch (error) {
-            if (error instanceof errors_utils_1.ValidationError || error instanceof errors_utils_1.UnauthorizedError) {
+            if (error instanceof errors_utils_1.ValidationError ||
+                error instanceof errors_utils_1.UnauthorizedError) {
                 throw error;
             }
-            if (error instanceof Error && error.name === "TokenExpiredError") {
-                throw new errors_utils_1.UnauthorizedError("Access token has expired");
+            if (error instanceof Error && error.name === 'TokenExpiredError') {
+                throw new errors_utils_1.UnauthorizedError('Access token has expired');
             }
-            if (error instanceof Error && error.name === "JsonWebTokenError") {
-                throw new errors_utils_1.UnauthorizedError("Access token is invalid");
+            if (error instanceof Error && error.name === 'JsonWebTokenError') {
+                throw new errors_utils_1.UnauthorizedError('Access token is invalid');
             }
-            throw new errors_utils_1.UnauthorizedError("Failed to verify access token");
+            throw new errors_utils_1.UnauthorizedError('Failed to verify access token');
         }
     }
     /**
@@ -149,36 +126,37 @@ class JWTManager {
      */
     async verifyRefreshToken(token) {
         try {
-            if (!token || typeof token !== "string") {
-                throw new errors_utils_1.ValidationError("Refresh token must be a non-empty string");
+            if (!token || typeof token !== 'string') {
+                throw new errors_utils_1.ValidationError('Refresh token must be a non-empty string');
             }
             const cacheKey = `refresh_${token}`;
             if (this.cache) {
                 const cached = this.cache.get(cacheKey);
                 if (cached) {
                     if (!cached.valid) {
-                        throw new errors_utils_1.UnauthorizedError("Refresh token is invalid or expired");
+                        throw new errors_utils_1.UnauthorizedError('Refresh token is invalid or expired');
                     }
                     return cached.payload;
                 }
             }
             const decoded = (0, verify_1.verifyToken)(token, this.refreshSecret);
             if (this.cache) {
-                this.cache.set(cacheKey, { valid: true, payload: decoded });
+                this.cache.set(cacheKey, { valid: true, payload: decoded, timestamp: Date.now() });
             }
             return decoded;
         }
         catch (error) {
-            if (error instanceof errors_utils_1.ValidationError || error instanceof errors_utils_1.UnauthorizedError) {
+            if (error instanceof errors_utils_1.ValidationError ||
+                error instanceof errors_utils_1.UnauthorizedError) {
                 throw error;
             }
-            if (error instanceof Error && error.name === "TokenExpiredError") {
-                throw new errors_utils_1.UnauthorizedError("Refresh token has expired");
+            if (error instanceof Error && error.name === 'TokenExpiredError') {
+                throw new errors_utils_1.UnauthorizedError('Refresh token has expired');
             }
-            if (error instanceof Error && error.name === "JsonWebTokenError") {
-                throw new errors_utils_1.UnauthorizedError("Refresh token is invalid");
+            if (error instanceof Error && error.name === 'JsonWebTokenError') {
+                throw new errors_utils_1.UnauthorizedError('Refresh token is invalid');
             }
-            throw new errors_utils_1.UnauthorizedError("Failed to verify refresh token");
+            throw new errors_utils_1.UnauthorizedError('Failed to verify refresh token');
         }
     }
     /**
@@ -186,8 +164,8 @@ class JWTManager {
      */
     decodeToken(token, complete = false) {
         try {
-            if (!token || typeof token !== "string") {
-                throw new errors_utils_1.ValidationError("Token must be a non-empty string");
+            if (!token || typeof token !== 'string') {
+                throw new errors_utils_1.ValidationError('Token must be a non-empty string');
             }
             return jsonwebtoken_1.default.decode(token, { complete });
         }
@@ -203,11 +181,11 @@ class JWTManager {
      */
     extractTokenFromHeader(authHeader) {
         try {
-            if (!authHeader || typeof authHeader !== "string") {
+            if (!authHeader || typeof authHeader !== 'string') {
                 return null;
             }
-            const parts = authHeader.split(" ");
-            if (parts.length !== 2 || parts[0] !== "Bearer") {
+            const parts = authHeader.split(' ');
+            if (parts.length !== 2 || parts[0] !== 'Bearer') {
                 return null;
             }
             return parts[1];
@@ -221,7 +199,7 @@ class JWTManager {
      */
     validateToken(token, secret, options = {}) {
         try {
-            if (!token || typeof token !== "string") {
+            if (!token || typeof token !== 'string') {
                 return false;
             }
             const result = (0, verify_1.safeVerifyToken)(token, secret);
@@ -236,12 +214,12 @@ class JWTManager {
      */
     async rotateRefreshToken(oldToken) {
         try {
-            if (!oldToken || typeof oldToken !== "string") {
-                throw new errors_utils_1.ValidationError("Old refresh token must be a non-empty string");
+            if (!oldToken || typeof oldToken !== 'string') {
+                throw new errors_utils_1.ValidationError('Old refresh token must be a non-empty string');
             }
             const decoded = await this.verifyRefreshToken(oldToken);
-            if (typeof decoded === "string") {
-                throw new errors_utils_1.ValidationError("Invalid token payload — expected JWT payload object");
+            if (typeof decoded === 'string') {
+                throw new errors_utils_1.ValidationError('Invalid token payload — expected JWT payload object');
             }
             // Create new payload without issued/expired timestamps
             const payload = { ...decoded };
@@ -252,10 +230,11 @@ class JWTManager {
             return newToken;
         }
         catch (error) {
-            if (error instanceof errors_utils_1.ValidationError || error instanceof errors_utils_1.UnauthorizedError) {
+            if (error instanceof errors_utils_1.ValidationError ||
+                error instanceof errors_utils_1.UnauthorizedError) {
                 throw error;
             }
-            throw new errors_utils_1.BadRequestError("Failed to rotate refresh token");
+            throw new errors_utils_1.BadRequestError('Failed to rotate refresh token');
         }
     }
     /**
@@ -301,18 +280,19 @@ class JWTManager {
     getCacheStats() {
         if (!this.cache)
             return null;
+        // Note: LRUCache doesn't expose internal size, so we return maxSize only
         return {
-            size: this.cache.cache.size,
-            maxSize: this.cache.maxSize
+            size: -1, // Size not available from LRUCache
+            maxSize: this.cache.maxSize,
         };
     }
     // Private helper methods
     validatePayload(payload) {
-        if (!payload || typeof payload !== "object") {
-            throw new errors_utils_1.ValidationError("Payload must be a non-null object");
+        if (!payload || typeof payload !== 'object') {
+            throw new errors_utils_1.ValidationError('Payload must be a non-null object');
         }
         if (Object.keys(payload).length === 0) {
-            throw new errors_utils_1.ValidationError("Payload cannot be empty");
+            throw new errors_utils_1.ValidationError('Payload cannot be empty');
         }
     }
 }

package/dist/cjs/core/jwt/parseDuration.js

@@ -6,16 +6,16 @@ const TIME_UNITS = {
     m: 60,
     h: 3600,
     d: 86400,
-    w: 604800
+    w: 604800,
 };
 function parseDuration(input) {
-    if (typeof input === "number")
+    if (typeof input === 'number')
         return input;
     const regex = /(\d+)\s*(s|m|h|d|w)/gi;
     let totalSeconds = 0;
     let match;
     while ((match = regex.exec(input)) !== null) {
-        const value = parseInt(match[1], 10);
+        const value = Number.parseInt(match[1], 10);
         const unit = match[2].toLowerCase();
         if (!TIME_UNITS[unit]) {
             throw new Error(`Invalid time unit: ${unit}`);

package/dist/cjs/core/jwt/signToken.d.ts

@@ -1,2 +1,2 @@
-import { Secret, SignOptions } from "jsonwebtoken";
+import { type Secret, type SignOptions } from 'jsonwebtoken';
 export declare const signToken: (payload: Record<string, unknown>, secret: Secret, expiresIn?: string | number, options?: SignOptions) => string;

package/dist/cjs/core/jwt/signToken.js

@@ -6,21 +6,21 @@ const parseDuration_1 = require("./parseDuration");
 function getExpiryTimestamp(seconds) {
     return Math.floor(Date.now() / 1000) + seconds;
 }
-const signToken = (payload, secret, expiresIn = "1h", options = {}) => {
+const signToken = (payload, secret, expiresIn = '1h', options = {}) => {
     const seconds = (0, parseDuration_1.parseDuration)(expiresIn);
     if (!seconds || seconds < 10) {
-        throw new Error("Token expiry too small");
+        throw new Error('Token expiry too small');
     }
     const tokenPayload = {
-        ...payload
+        ...payload,
     };
-    if (!("exp" in payload))
+    if (!('exp' in payload))
         tokenPayload.exp = getExpiryTimestamp(seconds);
-    if (!("iat" in payload))
+    if (!('iat' in payload))
         tokenPayload.iat = Math.floor(Date.now() / 1000);
     return (0, jsonwebtoken_1.sign)(tokenPayload, secret, {
-        algorithm: "HS256",
-        ...options
+        algorithm: 'HS256',
+        ...options,
     });
 };
 exports.signToken = signToken;

package/dist/cjs/core/jwt/types.d.ts

@@ -1,4 +1,4 @@
-import { JwtPayload } from "jsonwebtoken";
+import type { JwtPayload } from 'jsonwebtoken';
 export interface AccessTokenBrand {
     readonly access: unique symbol;
 }

package/dist/cjs/core/jwt/validateToken.d.ts

@@ -1,8 +1,8 @@
-import { JwtPayload } from "node_modules/@types/jsonwebtoken";
+import type { JwtPayload } from 'node_modules/@types/jsonwebtoken';
 export interface TokenRequirements {
     requiredFields?: string[];
     forbiddenFields?: string[];
-    validateTypes?: Record<string, "string" | "number" | "boolean">;
+    validateTypes?: Record<string, 'string' | 'number' | 'boolean'>;
 }
 export declare function validateTokenPayload(payload: Record<string, unknown>, rules?: TokenRequirements): {
     valid: true;