secure-web-token 1.0.4 → 1.0.5

package/dist/device.d.ts

@@ -1,8 +1,5 @@
 /**
- * Generate a secure, random device ID.
- * Used for Device Registration Model.
- *
- * @returns UUID v4 string
+ * Generates a unique device identifier
  */
 export declare function generateDeviceId(): string;
 //# sourceMappingURL=device.d.ts.map

package/dist/device.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"device.d.ts","sourceRoot":"","sources":["../src/device.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,CAEzC"}
+{"version":3,"file":"device.d.ts","sourceRoot":"","sources":["../src/device.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,CAEzC"}

package/dist/device.js

@@ -1,46 +1,10 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.generateDeviceId = generateDeviceId;
-const crypto = __importStar(require("crypto"));
+const crypto_1 = require("crypto");
 /**
- * Generate a secure, random device ID.
- * Used for Device Registration Model.
- *
- * @returns UUID v4 string
+ * Generates a unique device identifier
  */
 function generateDeviceId() {
-    return crypto.randomUUID();
+    return (0, crypto_1.randomUUID)();
 }

package/dist/sign.d.ts

@@ -8,14 +8,19 @@ export interface SignOptions {
      */
     expiresIn?: number;
     /**
-     * true → auto-generate device ID
-     * string | string[] → custom fingerprints
+     * true → auto-generate a device ID
      */
     fingerprint?: true;
 }
 /**
  * Creates a Secure Web Token (SWT).
- * User data is stored inside `payload.data`.
+ * Payload structure:
+ * {
+ *   data: {...},
+ *   iat,
+ *   exp,
+ *   fp
+ * }
  */
 export default function sign(data: Record<string, any>, secret: string, options?: SignOptions): {
     token: string;

package/dist/sign.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,IAAI,CAAC;CACpB;AAED;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CA4CtC"}
+{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,WAAW,CAAC,EAAE,IAAI,CAAC;CACpB;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CA4CtC"}

package/dist/sign.js

@@ -43,7 +43,13 @@ const utils_1 = require("./utils");
 const device_1 = require("./device");
 /**
  * Creates a Secure Web Token (SWT).
- * User data is stored inside `payload.data`.
+ * Payload structure:
+ * {
+ *   data: {...},
+ *   iat,
+ *   exp,
+ *   fp
+ * }
  */
 function sign(data, secret, options = {}) {
     if (!secret || typeof secret !== "string") {
@@ -54,19 +60,19 @@ function sign(data, secret, options = {}) {
     }
     const now = Math.floor(Date.now() / 1000);
     const payload = {
-        data, // 👈 user data lives here
+        data,
         iat: now,
-        exp: now + (options.expiresIn ?? 900),
+        exp: now + (options.expiresIn ?? 900)
     };
     let deviceId;
-    // 🔐 Device Registration Model
+    // 🔐 Single-device registration
     if (options.fingerprint === true) {
         deviceId = (0, device_1.generateDeviceId)();
-        payload.fp = [deviceId];
+        payload.fp = deviceId;
     }
     const header = {
         alg: "AES-256-GCM+HMAC",
-        typ: "SWT",
+        typ: "SWT"
     };
     const encodedHeader = (0, utils_1.base64urlEncode)(JSON.stringify(header));
     const encryptedPayload = (0, encrypt_1.default)(payload, secret);
@@ -77,6 +83,6 @@ function sign(data, secret, options = {}) {
         .digest("base64url");
     return {
         token: `${dataToSign}.${signature}`,
-        deviceId,
+        deviceId
     };
 }

package/dist/verify.d.ts

@@ -3,12 +3,12 @@
  */
 export interface VerifyOptions {
     /**
-     * Device fingerprint(s) allowed to verify token
+     * Device fingerprint for verification
      */
     fingerprint?: string;
 }
 /**
- * Verifies and decrypts a Secure Web Token.
+ * Verifies and decrypts a Secure Web Token (SWT)
  */
 export default function verify(token: string, secret: string, options?: VerifyOptions): Record<string, any>;
 //# sourceMappingURL=verify.d.ts.map

package/dist/verify.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,CAAC,OAAO,UAAU,MAAM,CAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,aAAkB,GAC1B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAmDrB"}
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,CAAC,OAAO,UAAU,MAAM,CAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,aAAkB,GAC1B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CA+CrB"}

package/dist/verify.js

@@ -41,7 +41,7 @@ const crypto = __importStar(require("crypto"));
 const decrypt_1 = __importDefault(require("./decrypt"));
 const utils_1 = require("./utils");
 /**
- * Verifies and decrypts a Secure Web Token.
+ * Verifies and decrypts a Secure Web Token (SWT)
  */
 function verify(token, secret, options = {}) {
     if (!token || typeof token !== "string") {
@@ -68,11 +68,9 @@ function verify(token, secret, options = {}) {
     if (!payload.data || typeof payload.data !== "object") {
         throw new Error("Invalid payload structure");
     }
+    // 🔐 Single-device verification
     if (options.fingerprint) {
-        const provided = options.fingerprint;
-        const stored = payload.fp;
-        const matched = provided === stored;
-        if (!matched) {
+        if (payload.fp !== options.fingerprint) {
             throw new Error("Fingerprint mismatch");
         }
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "secure-web-token",
-  "version": "1.0.4",
+  "version": "1.0.5",
   "description": "A secure web token utility",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",