jsonauthtoken 1.0.0

package/README.md

@@ -0,0 +1,66 @@
+# jsonauthtoken
+
+jsonauthtoken is a JavaScript library to secure authentication.
+
+## Overview
+
+This project demonstrates the usage of the `jsonauthtoken` package to create and verify secure encrypted authentication tokens and store sensitive datas. Tokens are used to sign and encrypt data for secure communication. The `jsonauthtoken` library provides methods to generate and verify tokens with configurable expiration times, hashing algorithms, and payload data.
+
+
+## Node.js (Install)
+
+Requirements:
+
+- Node.js
+- npm (Node.js package manager)
+
+```bash
+npm install jsonauthtoken
+```
+
+### Usage
+
+To create jsonauthtoken:
+
+```javascript
+import jat from "jsonauthtoken";
+
+// Create a token
+let encToken = jat().create(
+    {
+        signKey: process.env.SIGN_KEY, // Signature key
+        encKey: process.env.ENC_KEY   // Encryption key
+    },
+    {
+        expiresAt: '4MIN',            // Token expiration time
+        algorithm: 'sha256'           // Optional: Hash algorithms list ['sha256', 'sha384', 'sha512'] 
+    },
+    {
+        data: {                       // Data payload
+            status: true,
+            name:'Arpan Biswas'
+            dob: '15.11.2008'
+        }
+    }
+);
+
+console.log("encToken: ", encToken);
+
+```
+
+To decrypt and verify jsonauthtoken:
+
+```javascript
+import jat from "jsonauthtoken";
+
+// Decrypt and verify jsonauthtoken
+
+let token = 'your-token-here';  // Replace with your generated token
+let datas = jat().verify(token, {
+    signKey: process.env.SIGN_KEY, // Signature key
+    encKey: process.env.ENC_KEY    // Encryption key
+});
+
+console.log("Enc Data: ", datas);
+
+```

package/index.js

@@ -0,0 +1,84 @@
+import encoading from './lib/encoading.lib.js'
+import decoading from './lib/decoading.lib.js'
+import signature from './lib/signature.lib.js'
+import encryption from './lib/encryption.lib.js'
+import decryption from './lib/decryption.lib.js'
+import { algoMatching, parseExpiration, isExpired } from './lib/functions.lib.js'
+
+function jat() {
+
+
+    const algorithms = ['sha256', 'sha384', 'sha512']
+
+    /////////////////////---------------  create token  ---------------------/////////////////////////
+    const create = (keys, headers = {}, payloads = {}) => {
+
+        let {signKey, encKey} = keys
+        if(!signKey) throw new Error("please provide signkey");
+        if(!encKey) throw new Error("please provide encKey");
+        
+
+        let exp = ''
+        if (headers.expiresAt) exp = parseExpiration(headers.expiresAt)
+        else throw new Error("please provide token expire")
+
+        let algo = algoMatching(algorithms, 'sha512', headers.algo)
+
+        let header = encoading({
+            token: 'JAT',
+            algorithm: algo,
+            createAt: Math.floor(Date.now() / 1000),
+            expiresAt: exp,
+        })
+
+        if (typeof (payloads) != 'object') throw new Error("payload should be Object");
+        let payload = encoading(payloads)
+
+        let sign = signature().createSign(algo, signKey, header, payload)
+
+        let token = header + '.' + payload + '.' + sign
+        let encryptedToken = encryption(encKey, token)
+        return encryptedToken
+    }
+
+
+    /////////////////////---------------  verify token  ---------------------/////////////////////////
+    const verify = (encryptedToken, keys) => {
+        let token = ''
+        let header = ''
+        let payload = ''
+
+        let {signKey, encKey} = keys
+        if(!signKey) throw new Error("please provide signkey");
+        if(!encKey) throw new Error("please provide encKey");
+
+        //decrypt token
+        try {
+            token = decryption(encryptedToken, encKey)
+        } catch (error) {
+            throw new Error('unable to decrypt token')
+        }
+
+        //verify token signature
+        let isSignVerified = signature().verifySign(token, signKey)
+        if (isSignVerified === false) {
+            throw new Error('Invalid signature')
+        }
+
+        //
+        const [encodedHeader, encodedPayload, sign] = token.split('.');
+
+        header = decoading(encodedHeader)
+        if(isExpired(header.expiresAt)) throw new Error('token is expired')
+
+        payload = decoading(encodedPayload)
+
+        return {header,payload}
+    }
+    return { create, verify }
+}
+
+
+
+
+export default jat

package/lib/decoading.lib.js

@@ -0,0 +1,14 @@
+const decoading = (str) => {
+   // Replace URL-safe characters with standard Base64 characters
+  const base64 = str.replace(/-/g, '+').replace(/_/g, '/');
+
+  // Add padding if necessary
+  const padding = '='.repeat((4 - base64.length % 4) % 4);
+  
+  // Decode the Base64 string
+  const decoded = Buffer.from(base64 + padding, 'base64').toString('utf8');
+  
+  return JSON.parse(decoded);
+  };
+
+export default decoading

package/lib/decryption.lib.js

@@ -0,0 +1,18 @@
+import exp from 'constants';
+import crypto from 'crypto'
+
+function decryption(encryptedToken, password) {
+    const parts = encryptedToken.split(':');
+    const iv = Buffer.from(parts.shift(), 'hex'); // Get the IV
+    const encryptedTokenBuffer = Buffer.from(parts.join(':'), 'hex');
+    const key = crypto.scryptSync(password, 'salt', 32);
+    
+    const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
+    
+    let decrypted = decipher.update(encryptedTokenBuffer, 'binary', 'utf8');
+    decrypted += decipher.final('utf8');
+    
+    return decrypted;
+    
+}
+export default decryption

package/lib/encoading.lib.js

@@ -0,0 +1,7 @@
+function encoading(data) {
+    const json = JSON.stringify(data);
+    const base64 = Buffer.from(json).toString('base64');
+    return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+  }
+
+export default encoading

package/lib/encryption.lib.js

@@ -0,0 +1,15 @@
+import crypto from 'crypto'
+
+function encryption(password,token){
+    const iv = crypto.randomBytes(16); // Initialization vector
+    const key = crypto.scryptSync(password, 'salt', 32); // Key derivation
+    const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
+    
+    let encrypted = cipher.update(token, 'utf8', 'hex');
+    encrypted += cipher.final('hex');
+    
+    // Return the IV and encrypted text
+    return iv.toString('hex') + ':' + encrypted;
+}
+
+export default encryption

package/lib/functions.lib.js

@@ -0,0 +1,66 @@
+function algoMatching(algorithms, defaultOutput, input) {
+
+    //check defaultOutput parameter
+    if (!defaultOutput) throw new Error('defaultOutput parameter can not be empty')
+
+    //find the correct algorithm name is given as 'input' or not , if is't return defaultOutput
+    for (let i in algorithms) {
+        if (String(algorithms[i]) === String(input)) defaultOutput = algorithms[i]
+    }
+
+    return defaultOutput
+}
+
+
+function parseExpiration(input) {
+    const regex = /^(\d+)([mhdMHDyY]|MIN)$/; // Regex to match number + unit
+    const match = input.match(regex);
+
+    if (!match) {
+        throw new Error('Invalid format. Use formats like 1M, 1Y, 1D, 1MIN.');
+    }
+
+    const amount = parseInt(match[1], 10);
+    const unit = match[2].toLowerCase(); // Normalize to lowercase
+
+    let seconds;
+
+    switch (unit) {
+        case 'y':
+            seconds = amount * 365 * 24 * 60 * 60; // Years to seconds
+            break;
+        case 'm':
+            seconds = amount * 30 * 24 * 60 * 60; // Months to seconds (approximation)
+            break;
+        case 'd':
+            seconds = amount * 24 * 60 * 60; // Days to seconds
+            break;
+        case 'h':
+            seconds = amount * 60 * 60; // Hours to seconds
+            break;
+        case 'min':
+            seconds = amount * 60; // Minutes to seconds
+            break;
+        default:
+            throw new Error('Unsupported time unit. Use M, Y, D, H, or MIN.');
+    }
+
+
+    return Math.floor(Date.now() / 1000) + seconds; // Current time + expiration time
+}
+
+
+function isExpired(timeStamp) {
+    let currentTime = Math.floor(Date.now() / 1000)
+    if (timeStamp < currentTime) {
+        return true
+    }
+    else {
+        return false
+    }
+}
+
+
+
+
+export { algoMatching, parseExpiration, isExpired }

package/lib/signature.lib.js

@@ -0,0 +1,26 @@
+import crypto from 'crypto'
+import decoading from './decoading.lib.js';
+
+const signature = () => {
+
+    const createSign = (algorithm, key, header, payload) => {
+        const signature = crypto
+            .createHmac(algorithm, key)
+            .update(header + '.' + payload)
+            .digest('base64url');
+        return signature
+    }
+
+    const verifySign = (token,key) => {
+        const [encodedHeader, encodedPayload, signature] = token.split('.');
+        const header= decoading(encodedHeader)
+
+        let newSign=createSign(header.algorithm, key, encodedHeader, encodedPayload)
+
+        if(newSign == signature) return true
+        else return false
+    }
+    return { createSign, verifySign }
+}
+
+export default signature

package/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "jsonauthtoken",
+  "version": "1.0.0",
+  "description": "jsonauthtoken is a JavaScript library to secure authentication.",
+  "main": "index.js",
+  "type": "module",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/iamAyanBiswas/jsonauthtoken"
+  },
+  "scripts": {
+    "test": "node index.js"
+  },
+  "author": "Ayan Biswas",
+  "license": "ISC",
+  "keywords": [
+    "jat",
+    "jwt",
+    "jsonauthtoken",
+    "jsonwebtoken",
+    "auth",
+    "authentication",
+    "sha256",
+    "sha384",
+    "sha512"
+  ]
+}
+