secure-web-token 1.0.3 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +2 -21
  2. package/dist/sign.d.ts +1 -1
  3. package/dist/sign.d.ts.map +1 -1
  4. package/dist/sign.js +0 -5
  5. package/package.json +1 -1
package/README.md CHANGED
@@ -2,9 +2,9 @@
2
2
 
3
3
  ## 1. About the Package
4
4
 
5
- **Secure Web Token (SWT)** is a Node.js authentication package that provides a more secure alternative to JWT by **encrypting token payloads** and **binding tokens to specific devices** using fingerprints.
5
+ **Secure Web Token (SWT)** operates on a strict **Device Registration Model**, providing a significant security upgrade over traditional JWTs. Through **AES-256-GCM encryption** and enforced **device-fingerprint binding**, SWT ensures that authentication tokens are intrinsically locked to specific devices, effectively neutralizing risks associated with token leakage and unauthorized access.
6
6
 
7
- It is designed for applications where security and device-level access control matter.
7
+ It is designed for mission-critical applications where security and strictly controlled access are paramount.
8
8
 
9
9
  ---
10
10
 
@@ -108,25 +108,6 @@ try {
108
108
 
109
109
  ---
110
110
 
111
- ### Using Custom Fingerprints
112
-
113
- ```js
114
- const { token } = sign(
115
- { userId: 2 },
116
- secret,
117
- {
118
- expiresIn: 60,
119
- fingerprint: ["Chrome-Linux", "192.168.1.10"]
120
- }
121
- );
122
-
123
- verify(token, secret, {
124
- fingerprint: "Chrome-Linux"
125
- });
126
- ```
127
-
128
- ---
129
-
130
111
  ## Payload Structure (Internal)
131
112
 
132
113
  ```js
package/dist/sign.d.ts CHANGED
@@ -11,7 +11,7 @@ export interface SignOptions {
11
11
  * true → auto-generate device ID
12
12
  * string | string[] → custom fingerprints
13
13
  */
14
- fingerprint?: true | string | string[];
14
+ fingerprint?: true;
15
15
  }
16
16
  /**
17
17
  * Creates a Secure Web Token (SWT).
package/dist/sign.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,IAAI,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;CACxC;AAED;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CAgDtC"}
1
+ {"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,IAAI,CAAC;CACpB;AAED;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CA4CtC"}
package/dist/sign.js CHANGED
@@ -64,11 +64,6 @@ function sign(data, secret, options = {}) {
64
64
  deviceId = (0, device_1.generateDeviceId)();
65
65
  payload.fp = [deviceId];
66
66
  }
67
- else if (options.fingerprint) {
68
- payload.fp = Array.isArray(options.fingerprint)
69
- ? options.fingerprint
70
- : [options.fingerprint];
71
- }
72
67
  const header = {
73
68
  alg: "AES-256-GCM+HMAC",
74
69
  typ: "SWT",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "secure-web-token",
3
- "version": "1.0.3",
3
+ "version": "1.0.4",
4
4
  "description": "A secure web token utility",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",