npm - @tozielinski/next-upstash-nonce - Versions diffs - 1.2.2 → 1.3.0 - Mend

@tozielinski/next-upstash-nonce 1.2.2 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,19 @@
 # Changelog
+## [1.3.0](https://github.com/tozielinski/next-upstash-nonce/compare/v1.2.3...v1.3.0) (2025-11-22)
+### Features
+* create two new methods, to check nonces in the header of a request [verifyNonceFromRequest(), verifyAndDeleteNonceFromRequest()] ([a768479](https://github.com/tozielinski/next-upstash-nonce/commit/a76847993bb7fe66bf21900d83eb1ca5760d8afa))
+## [1.2.3](https://github.com/tozielinski/next-upstash-nonce/compare/v1.2.2...v1.2.3) (2025-11-21)
+### Bug Fixes
+* dist folder was missing on build ([8afc1d5](https://github.com/tozielinski/next-upstash-nonce/commit/8afc1d5a0add63b1779a08cc4b1e4249ba3cfed9))
 ## [1.2.2](https://github.com/tozielinski/next-upstash-nonce/compare/v1.2.1...v1.2.2) (2025-11-21)

package/dist/index.js ADDED Viewed

@@ -0,0 +1,128 @@
+'use server';
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NonceManager = void 0;
+const uuid_1 = require("uuid");
+class NonceManager {
+    redis;
+    length;
+    ttlSeconds;
+    prefix;
+    constructor(redis, opts = {}) {
+        this.redis = redis;
+        this.length = opts.length ?? 32; // default 32 bytes -> 64 hex chars
+        this.ttlSeconds = opts.ttlSeconds ?? 60 * 5; // default 5 minutes
+        this.prefix = opts.prefix ?? "nonce:";
+    }
+    /**
+     * generates a new, secure nonce,
+     * inserts it into Redis with a TTL,
+     * and returns the nonce string.
+     */
+    async create() {
+        const nonce = (0, uuid_1.v4)();
+        const key = this.prefix + nonce;
+        await this.redis.set(key, "1", { ex: this.ttlSeconds });
+        return nonce;
+    }
+    /**
+     * verifies a nonce and deletes it from Redis,
+     * returning true if the nonce exists and has not expired.
+     */
+    async verify(nonce) {
+        if (!nonce)
+            return false;
+        try {
+            const res = await this.redis.get(`nonce:${nonce}`);
+            return res !== null;
+        }
+        catch (err) {
+            console.error("verify error:", err);
+            return false;
+        }
+    }
+    /**
+     * verifies a nonce and deletes it from Redis,
+     * returning true if the nonce exists and has not expired.
+     */
+    async verifyAndDelete(nonce) {
+        if (!nonce)
+            return false;
+        try {
+            const res = await this.redis.get(`nonce:${nonce}`);
+            // const res = await (this.redis as any).eval(script, { keys: [key] });
+            if (res)
+                await this.redis.del(`nonce:${nonce}`);
+            return res !== null;
+        }
+        catch (err) {
+            console.error("verifyAndDelete error:", err);
+            return false;
+        }
+    }
+    /**
+     * verifies a nonce from the Header of a request
+     * returns a NonceCheckResult if the nonce exists and has not expired.
+     */
+    async verifyNonceFromRequest(req) {
+        const nonce = req.headers.get("x-api-nonce");
+        if (!nonce) {
+            const response = Response.json({ error: "Missing x-api-nonce header" }, { status: 403 });
+            return {
+                valid: false,
+                reason: "missing-header",
+                response,
+            };
+        }
+        const valid = await this.verify(nonce);
+        if (!valid) {
+            const response = Response.json({ error: "Invalid or expired nonce" }, { status: 403 });
+            return {
+                valid: false,
+                reason: "invalid-or-expired",
+                response,
+            };
+        }
+        return {
+            valid: true,
+            nonce,
+        };
+    }
+    /**
+     * verifies a nonce from the Header of a request and deletes it from Redis
+     * returns a NonceCheckResult if the nonce exists and has not expired.
+     */
+    async verifyAndDeleteNonceFromRequest(req) {
+        const nonce = req.headers.get("x-api-nonce");
+        if (!nonce) {
+            const response = Response.json({ error: "Missing x-api-nonce header" }, { status: 403 });
+            return {
+                valid: false,
+                reason: "missing-header",
+                response,
+            };
+        }
+        const valid = await this.verifyAndDelete(nonce);
+        if (!valid) {
+            const response = Response.json({ error: "Invalid or expired nonce" }, { status: 403 });
+            return {
+                valid: false,
+                reason: "invalid-or-expired",
+                response,
+            };
+        }
+        return {
+            valid: true,
+            nonce,
+        };
+    }
+    /**
+     * Optional: delete a nonce from Redis manually
+     */
+    async delete(nonce) {
+        const key = this.prefix + nonce;
+        await this.redis.del(key);
+    }
+}
+exports.NonceManager = NonceManager;
+exports.default = NonceManager;

package/package.json CHANGED Viewed

@@ -1,9 +1,9 @@
 {
   "name": "@tozielinski/next-upstash-nonce",
-  "version": "1.2.2",
+  "version": "1.3.0",
   "description": "Create, store, verify and delete nonces in Redis by Upstash for Next.js",
-  "main": "dist/index.js",
-  "types": "dist/index.d.ts",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
   "publishConfig": {
     "access": "public"
   },
@@ -32,7 +32,6 @@
   "homepage": "https://github.com/tozielinski/next-upstash-nonce#readme",
   "dependencies": {
     "@upstash/redis": "1.22.0",
-    "crypto": "^1.0.1",
     "uuid": "^13.0.0"
   },
   "devDependencies": {

package/src/index.js DELETED Viewed

@@ -1,70 +0,0 @@
-'use server';
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.NonceManager = void 0;
-const uuid_1 = require("uuid");
-class NonceManager {
-    redis;
-    length;
-    ttlSeconds;
-    prefix;
-    constructor(redis, opts = {}) {
-        this.redis = redis;
-        this.length = opts.length ?? 32; // default 32 bytes -> 64 hex chars
-        this.ttlSeconds = opts.ttlSeconds ?? 60 * 5; // default 5 minutes
-        this.prefix = opts.prefix ?? "nonce:";
-    }
-    /**
-     * generates a new, secure nonce,
-     * inserts it into Redis with a TTL,
-     * and returns the nonce string.
-     */
-    async create() {
-        // const buffer = crypto.randomBytes(this.length);
-        // const nonce = buffer.toString("hex");
-        const nonce = (0, uuid_1.v4)();
-        const key = this.prefix + nonce;
-        // console.log("creating nonce:", nonce);
-        // set with ttl (nx not required — collisions extremely unlikely)
-        await this.redis.set(key, "1", { ex: this.ttlSeconds });
-        return nonce;
-    }
-    /**
-     * verifies a nonce and deletes it from Redis,
-     * returning true if the nonce exists and has not expired.
-     */
-    async verifyAndDelete(nonce) {
-        if (!nonce)
-            return false;
-        //       const key = this.prefix + nonce;
-        //
-        //       const script = `
-        //   local v = redis.call('GET', KEYS[1])
-        //   if v then
-        //     redis.call('DEL', KEYS[1])
-        //     return v
-        //   end
-        //   return nil
-        // `;
-        try {
-            const res = await this.redis.get(`nonce:${nonce}`);
-            // const res = await (this.redis as any).eval(script, { keys: [key] });
-            if (res)
-                await this.redis.del(`nonce:${nonce}`);
-            return res !== null;
-        }
-        catch (err) {
-            console.error("verifyAndDelete error:", err);
-            return false;
-        }
-    }
-    /**
-     * Optional: delete a nonce from Redis manually
-     */
-    async delete(nonce) {
-        const key = this.prefix + nonce;
-        await this.redis.del(key);
-    }
-}
-exports.NonceManager = NonceManager;
-exports.default = NonceManager;

package/src/index.ts DELETED Viewed

@@ -1,85 +0,0 @@
-'use server'
-import { Redis } from "@upstash/redis";
-import {v4 as uuid} from "uuid";
-// import crypto from "crypto";
-export type NonceOptions = {
-    length?: number; // bytes
-    ttlSeconds?: number; // Time-to-live in Redis
-    prefix?: string;
-};
-export class NonceManager {
-    private redis: Redis;
-    private length: number;
-    private ttlSeconds: number;
-    private prefix: string;
-    constructor(redis: Redis, opts: NonceOptions = {}) {
-        this.redis = redis;
-        this.length = opts.length ?? 32; // default 32 bytes -> 64 hex chars
-        this.ttlSeconds = opts.ttlSeconds ?? 60 * 5; // default 5 minutes
-        this.prefix = opts.prefix ?? "nonce:";
-    }
-    /**
-     * generates a new, secure nonce,
-     * inserts it into Redis with a TTL,
-     * and returns the nonce string.
-     */
-    async create(): Promise<string> {
-        // const buffer = crypto.randomBytes(this.length);
-        // const nonce = buffer.toString("hex");
-        const nonce = uuid();
-        const key = this.prefix + nonce;
-// console.log("creating nonce:", nonce);
-// set with ttl (nx not required — collisions extremely unlikely)
-        await this.redis.set(key, "1", { ex: this.ttlSeconds });
-        return nonce;
-    }
-    /**
-     * verifies a nonce and deletes it from Redis,
-     * returning true if the nonce exists and has not expired.
-     */
-    async verifyAndDelete(nonce: string): Promise<boolean> {
-        if (!nonce) return false;
-  //       const key = this.prefix + nonce;
-  //
-  //       const script = `
-  //   local v = redis.call('GET', KEYS[1])
-  //   if v then
-  //     redis.call('DEL', KEYS[1])
-  //     return v
-  //   end
-  //   return nil
-  // `;
-        try {
-            const res = await (this.redis as any).get(`nonce:${nonce}`);
-            // const res = await (this.redis as any).eval(script, { keys: [key] });
-            if (res) await this.redis.del(`nonce:${nonce}`);
-            return res !== null;
-        } catch (err) {
-            console.error("verifyAndDelete error:", err);
-            return false;
-        }
-    }
-    /**
-     * Optional: delete a nonce from Redis manually
-     */
-    async delete(nonce: string): Promise<void> {
-        const key = this.prefix + nonce;
-        await this.redis.del(key);
-    }
-}
-export default NonceManager;

package/tsconfig.json DELETED Viewed

@@ -1,13 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "ES2022",
-    "module": "NodeNext",
-    "moduleResolution": "NodeNext",
-    "esModuleInterop": true,
-    "forceConsistentCasingInFileNames": true,
-    "strict": true,
-    "skipLibCheck": true,
-    "types": ["node"]
-  },
-  "include": ["src"]
-}