npm - secure-web-token - Versions diffs - 1.2.6 → 1.2.7 - Mend

secure-web-token 1.2.6 → 1.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/sign.d.ts CHANGED Viewed

@@ -1,13 +1,35 @@
 import { StoreType } from "./store";
+/**
+ * Options for signing a Secure Web Token.
+ */
 export interface SignOptions {
+    /**
+     * Token expiration time in seconds. Defaults to 900 (15 minutes).
+     */
     expiresIn?: number;
+    /**
+     * Whether to enable fingerprint/session mode. If true, generates a device-bound session.
+     */
     fingerprint?: true;
+    /**
+     * The store type to use for session persistence.
+     */
     store?: StoreType;
 }
 /**
- * sign() now returns:
- * - token (encrypted payload)
- * - sessionId (to store in HttpOnly cookie)
+ * Signs a payload to create a Secure Web Token (SWT).
+ *
+ * @param data - The object to be encrypted in the token. Must include `userId` if using fingerprint/session mode.
+ * @param secret - The secret key used for encryption and HMAC signing.
+ * @param options - Configuration options for the token.
+ * @param options.expiresIn - Token expiration time in seconds (default: 900).
+ * @param options.fingerprint - Set to true to enable device-bound session mode.
+ * @param options.store - The store type to use for session persistence (e.g., 'memory').
+ *
+ * @returns An object containing the generated `token` and an optional `sessionId` if fingerprinting is enabled.
+ *
+ * @example
+ * const { token, sessionId } = sign({ userId: '123' }, 'my-secret', { fingerprint: true });
  */
 export default function sign(data: Record<string, any>, secret: string, options?: SignOptions): {
     token: string;

package/dist/sign.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAIA,OAAO,EAAY,SAAS,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,IAAI,CAAC;IACnB,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB;AAED~~;;;;GAIG~~;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAoDvC"}
1	+ {"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../src/sign.ts"],"names":[],"mappings":"AAIA,OAAO,EAAY,SAAS,EAAE,MAAM,SAAS,CAAC;AAE9C;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,WAAW,CAAC,EAAE,IAAI,CAAC;IACnB;;OAEG;IACH,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,OAAO,UAAU,IAAI,CAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,CAoDvC"}

package/dist/sign.js CHANGED Viewed

@@ -43,9 +43,19 @@ const utils_1 = require("./utils");
 const device_1 = require("./device");
 const store_1 = require("./store");
 /**
- * sign() now returns:
- * - token (encrypted payload)
- * - sessionId (to store in HttpOnly cookie)
+ * Signs a payload to create a Secure Web Token (SWT).
+ *
+ * @param data - The object to be encrypted in the token. Must include `userId` if using fingerprint/session mode.
+ * @param secret - The secret key used for encryption and HMAC signing.
+ * @param options - Configuration options for the token.
+ * @param options.expiresIn - Token expiration time in seconds (default: 900).
+ * @param options.fingerprint - Set to true to enable device-bound session mode.
+ * @param options.store - The store type to use for session persistence (e.g., 'memory').
+ *
+ * @returns An object containing the generated `token` and an optional `sessionId` if fingerprinting is enabled.
+ *
+ * @example
+ * const { token, sessionId } = sign({ userId: '123' }, 'my-secret', { fingerprint: true });
  */
 function sign(data, secret, options = {}) {
     if (!secret || typeof secret !== "string")

package/dist/store/index.d.ts CHANGED Viewed

@@ -1,4 +1,10 @@
 import { Store } from "./types";
 export type StoreType = "memory";
+/**
+ * Retrieves a session store instance by type.
+ *
+ * @param type - The type of store to retrieve (e.g., 'memory').
+ * @returns The store instance or null if no type is provided or the type is invalid.
+ */
 export declare function getStore(type?: StoreType): Store | null;
 //# sourceMappingURL=index.d.ts.map

package/dist/store/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/store/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAEhC,MAAM,MAAM,SAAS,GAAG,QAAQ,CAAC;AAEjC,wBAAgB,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,GAAG,KAAK,GAAG,IAAI,CASvD"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/store/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAEhC,MAAM,MAAM,SAAS,GAAG,QAAQ,CAAC;AAEjC;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,GAAG,KAAK,GAAG,IAAI,CASvD"}

package/dist/store/index.js CHANGED Viewed

@@ -2,6 +2,12 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getStore = getStore;
 const memoryStore_1 = require("./memoryStore");
+/**
+ * Retrieves a session store instance by type.
+ *
+ * @param type - The type of store to retrieve (e.g., 'memory').
+ * @returns The store instance or null if no type is provided or the type is invalid.
+ */
 function getStore(type) {
     if (!type)
         return null;

package/dist/store/types.d.ts CHANGED Viewed

@@ -1,16 +1,32 @@
+/**
+ * Interface for session storage backends.
+ */
 export interface Store {
+    /**
+     * Registers a new session in the store.
+     * @param session - The session details to store.
+     */
     registerSession(session: {
         sessionId: string;
         userId: string | number;
         deviceId: string;
         fingerprint: string;
     }): void;
+    /**
+     * Retrieves a session by its ID.
+     * @param sessionId - The unique identifier for the session.
+     * @returns The session details or null if not found.
+     */
     getSession(sessionId: string): {
         sessionId: string;
         userId: string | number;
         deviceId: string;
         fingerprint: string;
     } | null;
+    /**
+     * Revokes (removes) a session from the store.
+     * @param sessionId - The unique identifier for the session to revoke.
+     */
     revokeSession(sessionId: string): void;
 }
 //# sourceMappingURL=types.d.ts.map

package/dist/store/types.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/store/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,KAAK;IAClB,eAAe,CAAC,OAAO,EAAE;QACrB,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;KACvB,GAAG,IAAI,CAAC;IAET,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG;QAC3B,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;KACvB,GAAG,IAAI,CAAC;IAET,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1C"}
1	+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/store/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,WAAW,KAAK;IAClB;;;OAGG;IACH,eAAe,CAAC,OAAO,EAAE;QACrB,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;KACvB,GAAG,IAAI,CAAC;IAET;;;;OAIG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG;QAC3B,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;KACvB,GAAG,IAAI,CAAC;IAET;;;OAGG;IACH,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1C"}

package/dist/verify.d.ts CHANGED Viewed

@@ -1,8 +1,33 @@
 import { StoreType } from "./store";
+/**
+ * Options for verifying a Secure Web Token.
+ */
 export interface VerifyOptions {
+    /**
+     * The session ID to verify against the store. Should be retrieved from an HttpOnly cookie.
+     */
     sessionId?: string;
+    /**
+     * The unique fingerprint of the device/session.
+     */
     fingerprint?: string;
+    /**
+     * The store type used to retrieve session data.
+     */
     store?: StoreType;
 }
+/**
+ * Verifies and decrypts a Secure Web Token (SWT).
+ *
+ * @param token - The SWT string to verify.
+ * @param secret - The secret key used for decryption and signature verification.
+ * @param options - Verification options.
+ * @param options.sessionId - The session ID to verify against the store (Backend-only mode).
+ * @param options.fingerprint - The device/session fingerprint to verify.
+ * @param options.store - The store type used for session verification.
+ *
+ * @returns The decrypted payload data.
+ * @throws {Error} If the token is invalid, expired, or session verification fails.
+ */
 export default function verify(token: string, secret: string, options?: VerifyOptions): Record<string, any>;
 //# sourceMappingURL=verify.d.ts.map

package/dist/verify.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAGA,OAAO,EAAY,SAAS,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB;AAED,MAAM,CAAC,OAAO,UAAU,MAAM,CAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,aAAkB,GAC1B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAoCrB"}
1	+ {"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAGA,OAAO,EAAY,SAAS,EAAE,MAAM,SAAS,CAAC;AAE9C;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,OAAO,UAAU,MAAM,CAC5B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,aAAkB,GAC1B,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAoCrB"}

package/dist/verify.js CHANGED Viewed

@@ -41,6 +41,19 @@ const crypto = __importStar(require("crypto"));
 const decrypt_1 = __importDefault(require("./decrypt"));
 const utils_1 = require("./utils");
 const store_1 = require("./store");
+/**
+ * Verifies and decrypts a Secure Web Token (SWT).
+ *
+ * @param token - The SWT string to verify.
+ * @param secret - The secret key used for decryption and signature verification.
+ * @param options - Verification options.
+ * @param options.sessionId - The session ID to verify against the store (Backend-only mode).
+ * @param options.fingerprint - The device/session fingerprint to verify.
+ * @param options.store - The store type used for session verification.
+ *
+ * @returns The decrypted payload data.
+ * @throws {Error} If the token is invalid, expired, or session verification fails.
+ */
 function verify(token, secret, options = {}) {
     if (!token || typeof token !== "string")
         throw new Error("Token must be string");

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "secure-web-token",
-  "version": "1.2.6",
+  "version": "1.2.7",
   "description": "A secure web token utility",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -19,7 +19,7 @@
     "type": "git",
     "url": "git+https://github.com/MintuSingh07/node-securewebtoken.git"
   },
-  "homepage": "https://securewebtoken.vercel.app/",
+  "homepage": "https://securewebtoken.vercel.app",
   "bugs": {
     "url": "https://github.com/MintuSingh07/node-securewebtoken/issues"
   },