secure-web-token 1.0.4 → 1.1.0

package/dist/device.d.ts

@@ -1,8 +1,5 @@
 /**
- * Generate a secure, random device ID.
- * Used for Device Registration Model.
- *
- * @returns UUID v4 string
+ * Generates a unique device identifier
  */
 export declare function generateDeviceId(): string;
 //# sourceMappingURL=device.d.ts.map

package/dist/device.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"device.d.ts","sourceRoot":"","sources":["../src/device.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,CAEzC"}
+{"version":3,"file":"device.d.ts","sourceRoot":"","sources":["../src/device.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,MAAM,CAEzC"}

package/dist/device.js

@@ -1,46 +1,10 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.generateDeviceId = generateDeviceId;
-const crypto = __importStar(require("crypto"));
+const crypto_1 = require("crypto");
 /**
- * Generate a secure, random device ID.
- * Used for Device Registration Model.
- *
- * @returns UUID v4 string
+ * Generates a unique device identifier
  */
 function generateDeviceId() {
-    return crypto.randomUUID();
+    return (0, crypto_1.randomUUID)();
 }

package/dist/sign.d.ts

@@ -1,22 +1,9 @@
-/**
- * Options for signing a Secure Web Token (SWT)
- */
+import { StoreType } from "./store";
 export interface SignOptions {
-    /**
-     * Token expiry time in seconds
-     * @default 900 (15 minutes)
-     */
     expiresIn?: number;
-    /**
-     * true → auto-generate device ID
-     * string | string[] → custom fingerprints
-     */
     fingerprint?: true;
+    store?: StoreType;
 }
-/**
- * Creates a Secure Web Token (SWT).
- * User data is stored inside `payload.data`.
- */
 export default function sign(data: Record<string, any>, secret: string, options?: SignOptions): {
     token: string;
     deviceId?: string;

package/dist/sign.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,IAAI,CAAC;CACpB;AAED;;;GAGG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CA4CtC"}
+{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAIA,OAAO,EAAY,SAAS,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,IAAI,CAAC;IACnB,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB;AAED,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,CAsDtC"}

package/dist/sign.js

@@ -41,10 +41,7 @@ const crypto = __importStar(require("crypto"));
 const encrypt_1 = __importDefault(require("./encrypt"));
 const utils_1 = require("./utils");
 const device_1 = require("./device");
-/**
- * Creates a Secure Web Token (SWT).
- * User data is stored inside `payload.data`.
- */
+const store_1 = require("./store");
 function sign(data, secret, options = {}) {
     if (!secret || typeof secret !== "string") {
         throw new Error("Secret must be a non-empty string");
@@ -52,17 +49,24 @@ function sign(data, secret, options = {}) {
     if (!data || typeof data !== "object") {
         throw new Error("Data must be an object");
     }
+    if (!data.userId) {
+        throw new Error("data.userId is required when using store");
+    }
     const now = Math.floor(Date.now() / 1000);
     const payload = {
-        data, // 👈 user data lives here
+        data,
         iat: now,
         exp: now + (options.expiresIn ?? 900),
     };
     let deviceId;
-    // 🔐 Device Registration Model
+    // 🔐 Fingerprint + store registration
     if (options.fingerprint === true) {
         deviceId = (0, device_1.generateDeviceId)();
-        payload.fp = [deviceId];
+        payload.fp = deviceId;
+        const store = (0, store_1.getStore)(options.store);
+        if (store) {
+            store.register(data.userId, deviceId);
+        }
     }
     const header = {
         alg: "AES-256-GCM+HMAC",

package/dist/store/index.d.ts

@@ -0,0 +1,4 @@
+import { Store } from "./types";
+export type StoreType = "memory";
+export declare function getStore(type?: StoreType): Store | null;
+//# sourceMappingURL=index.d.ts.map

package/dist/store/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/store/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAEhC,MAAM,MAAM,SAAS,GAAG,QAAQ,CAAC;AAEjC,wBAAgB,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,GAAG,KAAK,GAAG,IAAI,CASvD"}

package/dist/store/index.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getStore = getStore;
+const memoryStore_1 = require("./memoryStore");
+function getStore(type) {
+    if (!type)
+        return null;
+    switch (type) {
+        case "memory":
+            return memoryStore_1.memoryStore;
+        default:
+            return null;
+    }
+}

package/dist/store/memoryStore.d.ts

@@ -0,0 +1,3 @@
+import { Store } from "./types";
+export declare const memoryStore: Store;
+//# sourceMappingURL=memoryStore.d.ts.map

package/dist/store/memoryStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"memoryStore.d.ts","sourceRoot":"","sources":["../../src/store/memoryStore.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAsBhC,eAAO,MAAM,WAAW,EAAE,KAAyB,CAAC"}

package/dist/store/memoryStore.js

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.memoryStore = void 0;
+class MemoryStore {
+    constructor() {
+        this.sessions = new Map();
+    }
+    makeKey(userId, fingerprint) {
+        return `${userId}:${fingerprint}`;
+    }
+    register(userId, fingerprint) {
+        this.sessions.set(this.makeKey(userId, fingerprint), true);
+    }
+    isValid(userId, fingerprint) {
+        return this.sessions.has(this.makeKey(userId, fingerprint));
+    }
+    revoke(userId, fingerprint) {
+        this.sessions.delete(this.makeKey(userId, fingerprint));
+    }
+}
+exports.memoryStore = new MemoryStore();

package/dist/store/types.d.ts

@@ -0,0 +1,6 @@
+export interface Store {
+    register(userId: string | number, fingerprint: string): void;
+    isValid(userId: string | number, fingerprint: string): boolean;
+    revoke(userId: string | number, fingerprint: string): void;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/store/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/store/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,KAAK;IAClB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7D,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;IAC/D,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC9D"}

package/dist/store/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/verify.d.ts

@@ -1,14 +1,7 @@
-/**
- * Options for verifying a Secure Web Token
- */
+import { StoreType } from "./store";
 export interface VerifyOptions {
-    /**
-     * Device fingerprint(s) allowed to verify token
-     */
     fingerprint?: string;
+    store?: StoreType;
 }
-/**
- * Verifies and decrypts a Secure Web Token.
- */
 export default function verify(token: string, secret: string, options?: VerifyOptions): Record<string, any>;
 //# sourceMappingURL=verify.d.ts.map

package/dist/verify.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,CAAC,OAAO,UAAU,MAAM,CAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,aAAkB,GAC1B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAmDrB"}
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAGA,OAAO,EAAY,SAAS,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,WAAW,aAAa;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB;AAED,MAAM,CAAC,OAAO,UAAU,MAAM,CAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,aAAkB,GAC1B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAuDrB"}

package/dist/verify.js

@@ -40,9 +40,7 @@ exports.default = verify;
 const crypto = __importStar(require("crypto"));
 const decrypt_1 = __importDefault(require("./decrypt"));
 const utils_1 = require("./utils");
-/**
- * Verifies and decrypts a Secure Web Token.
- */
+const store_1 = require("./store");
 function verify(token, secret, options = {}) {
     if (!token || typeof token !== "string") {
         throw new Error("Token must be a string");
@@ -68,13 +66,18 @@ function verify(token, secret, options = {}) {
     if (!payload.data || typeof payload.data !== "object") {
         throw new Error("Invalid payload structure");
     }
+    // 🔐 Fingerprint + store validation
     if (options.fingerprint) {
-        const provided = options.fingerprint;
-        const stored = payload.fp;
-        const matched = provided === stored;
-        if (!matched) {
+        if (payload.fp !== options.fingerprint) {
             throw new Error("Fingerprint mismatch");
         }
+        const store = (0, store_1.getStore)(options.store);
+        if (store) {
+            const valid = store.isValid(payload.data.userId, payload.fp);
+            if (!valid) {
+                throw new Error("Session revoked or invalid device");
+            }
+        }
     }
-    return payload; // { data, iat, exp, fp }
+    return payload;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "secure-web-token",
-  "version": "1.0.4",
+  "version": "1.1.0",
   "description": "A secure web token utility",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",