tturn 0.1.1 → 0.1.2

package/README.md

@@ -29,11 +29,11 @@ import { Tturn } from "tturn";
 
 const turn = new Tturn({
   realm: "turn.example.com",
-  authSecret: "replace-with-your-secret",
+  password: "replace-with-your-password",
   publicIp: "1.2.3.4",
   listenPort: 3478,
   username: "user-1001",
-  ttlSec: 600
+  disableCredentialExpiry: true
 });
 
 const ice = await turn.start();
@@ -44,6 +44,13 @@ await turn.stop();
 
 `start()` now returns one ICE payload directly, so bootstrap can be only `new Tturn(...)` + `start()`.
 
+For long-running sessions, set `disableCredentialExpiry: true` to issue non-expiring credentials.
+
+With static password mode (`password` + `username`), what you set is what clients use:
+
+- output `username` is exactly your configured username
+- output `credential` is exactly your configured password
+
 ## Credential options
 
 `issueCredential(options)` supports:
@@ -69,12 +76,18 @@ TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret tturn credentia
 
 # Optional: provide custom username
 TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice tturn credential
+
+# Optional: disable credential expiry (long-lived credentials)
+TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn credential
+
+# Static account/password (exact value, no rewrite)
+TURN_REALM=turn.example.com TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn start
 ```
 
 Required env:
 
 - `TURN_REALM`
-- `TURN_SECRET`
+- `TURN_SECRET` or `TURN_PASSWORD`
 
 Optional env:
 
@@ -82,19 +95,35 @@ Optional env:
 - `TURN_PORT`
 - `TTURN_TTL_SEC`
 - `TTURN_USER_ID`
-- `TTURN_USERNAME`
+- `TTURN_USERNAME` (or `TURN_USERNAME`)
+- `TTURN_DISABLE_CREDENTIAL_EXPIRY` (`1` or `true`)
 
 ## API options
 
 - `realm` (required): TURN realm/domain.
-- `authSecret` (required): shared secret for dynamic credentials.
+- `authSecret` (optional): shared secret for dynamic credentials.
+- `password` (optional): static TURN password (when set, returned credential stays fixed).
 - `listenPort` (default `3478`): TURN listening port.
 - `publicIp` (optional, recommended): public relay IP exposed to clients.
 - `listeningIp` (default `0.0.0.0`): bind address.
 - `username` / `userId` (optional): default credential username seed. `username` has higher priority.
 - `ttlSec` (optional): default credential TTL used by `start()` and `issueCredential()`.
+- `disableCredentialExpiry` (optional): disable timestamp expiry check and issue non-expiring credentials.
 - `minPort` / `maxPort`: reserved for relay port range control in next iterations.
 
+At least one of `authSecret` or `password` must be provided.
+
+## Quick verify
+
+```bash
+npm install
+npm run build
+
+TURN_REALM=turn.example.com TURN_PUBLIC_IP=1.2.3.4 TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 node dist/cli.js credential
+```
+
+The returned JSON should keep `username = "alice"` and `credential = "alice-pass"`.
+
 ## Build from source
 
 Requirements:

package/README.zh-CN.md

@@ -32,11 +32,11 @@ import { Tturn } from "tturn";
 
 const turn = new Tturn({
   realm: "turn.example.com",
-  authSecret: "replace-with-your-secret",
+  password: "replace-with-your-password",
   publicIp: "1.2.3.4",
   listenPort: 3478,
   username: "user-1001",
-  ttlSec: 600
+  disableCredentialExpiry: true
 });
 
 const ice = await turn.start();
@@ -46,6 +46,13 @@ await turn.stop();
 ```
 
 `start()` 会直接返回一组 ICE，因此最简流程只需要 `new Tturn(...)` 和 `start()`。
+
+如果你需要长时间持续连接，可设置 `disableCredentialExpiry: true`，生成不过期凭证。
+
+在静态账号密码模式（`password` + `username`）下：
+
+- 输出的 `username` 就是你配置的账号
+- 输出的 `credential` 就是你配置的密码
 
 ## 5）CLI 用法
 
@@ -58,6 +65,12 @@ TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret tturn credentia
 
 # 可选：传入自定义 username
 TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice tturn credential
+
+# 可选：禁用凭证过期（长期凭证）
+TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn credential
+
+# 静态账号密码（原样输出，不改写）
+TURN_REALM=turn.example.com TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn start
 ```
 
 ## 5.1）凭证参数补充（username）
@@ -70,14 +83,29 @@ TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=
 
 ## 6）配置参数说明
 
-- `realm`（必填）：TURN realm / 域名。
-- `authSecret`（必填）：动态凭证签名密钥。
+- `realm`（必填）：TURN realm / 域名。
+- `authSecret`（可选）：动态凭证签名密钥。
+- `password`（可选）：静态 TURN 密码（设置后返回值保持固定）。
 - `listenPort`（默认 `3478`）：TURN 监听端口。
 - `publicIp`（建议配置）：客户端访问的公网 IP。
 - `listeningIp`（默认 `0.0.0.0`）：本地绑定地址。
 - `username` / `userId`（可选）：默认凭证用户名种子，`username` 优先级更高。
 - `ttlSec`（可选）：`start()` 与 `issueCredential()` 的默认凭证时效。
+- `disableCredentialExpiry`（可选）：禁用时间戳过期校验，生成不过期凭证。
 - `minPort` / `maxPort`：预留给后续中继端口范围控制。
+
+`authSecret` 和 `password` 至少需要提供一个。
+
+## 6.1）快速验证
+
+```bash
+npm install
+npm run build
+
+TURN_REALM=turn.example.com TURN_PUBLIC_IP=1.2.3.4 TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 node dist/cli.js credential
+```
+
+返回 JSON 中应保持 `username = "alice"`、`credential = "alice-pass"`。
 
 ## 7）源码构建
 

package/dist/app.js

@@ -3,20 +3,23 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const index_1 = require("./index");
 const APP_CONFIG = {
     realm: "turn.example.com",
-    authSecret: "replace-with-your-secret",
-    publicIp: "1.2.3.4",
-    listenPort: 3478,
-    username: "google-test",
-    ttlSec: 600
+    publicIp: "192.168.3.66",
+    listenPort: 22224,
+    username: "metadigiee",
+    password: "22222",
+    ttlSec: 600,
+    disableCredentialExpiry: true
 };
 async function main() {
     const service = new index_1.Tturn({
         realm: APP_CONFIG.realm,
         authSecret: APP_CONFIG.authSecret,
+        password: APP_CONFIG.password,
         publicIp: APP_CONFIG.publicIp,
         listenPort: APP_CONFIG.listenPort,
         username: APP_CONFIG.username,
-        ttlSec: APP_CONFIG.ttlSec
+        ttlSec: APP_CONFIG.ttlSec,
+        disableCredentialExpiry: APP_CONFIG.disableCredentialExpiry
     });
     const ice = await service.start();
     console.log("[tturn] started.");

package/dist/cli.js

@@ -5,28 +5,36 @@ const index_1 = require("./index");
 async function run() {
     const command = process.argv[2];
     if (command === "credential") {
-        const secret = mustGetEnv("TURN_SECRET");
         const realm = mustGetEnv("TURN_REALM");
-        const service = (0, index_1.createTurnService)({ realm, authSecret: secret, publicIp: process.env.TURN_PUBLIC_IP });
+        const authOptions = resolveAuthOptions();
+        const service = (0, index_1.createTurnService)({
+            realm,
+            authSecret: authOptions.authSecret,
+            password: authOptions.password,
+            publicIp: process.env.TURN_PUBLIC_IP,
+            disableCredentialExpiry: readBoolEnv("TTURN_DISABLE_CREDENTIAL_EXPIRY") ?? Boolean(authOptions.password)
+        });
         const ice = service.issueCredential({
             ttlSec: process.env.TTURN_TTL_SEC ? Number(process.env.TTURN_TTL_SEC) : 3600,
             userId: process.env.TTURN_USER_ID,
-            username: process.env.TTURN_USERNAME
+            username: readUsernameEnv()
         });
         process.stdout.write(`${JSON.stringify(ice, null, 2)}\n`);
         return;
     }
     if (command === "start") {
-        const secret = mustGetEnv("TURN_SECRET");
         const realm = mustGetEnv("TURN_REALM");
+        const authOptions = resolveAuthOptions();
         const service = (0, index_1.createTurnService)({
             realm,
-            authSecret: secret,
+            authSecret: authOptions.authSecret,
+            password: authOptions.password,
             publicIp: process.env.TURN_PUBLIC_IP,
             listenPort: process.env.TURN_PORT ? Number(process.env.TURN_PORT) : 3478,
             ttlSec: process.env.TTURN_TTL_SEC ? Number(process.env.TTURN_TTL_SEC) : 3600,
-            username: process.env.TTURN_USERNAME,
-            userId: process.env.TTURN_USER_ID
+            username: readUsernameEnv(),
+            userId: process.env.TTURN_USER_ID,
+            disableCredentialExpiry: readBoolEnv("TTURN_DISABLE_CREDENTIAL_EXPIRY") ?? Boolean(authOptions.password)
         });
         const ice = await service.start();
         process.stdout.write("tturn started\n");
@@ -53,11 +61,33 @@ function printUsage() {
         "  tturn credential  # prints one ICE server credential JSON",
         "",
         "required env:",
-        "  TURN_REALM, TURN_SECRET",
+        "  TURN_REALM",
+        "  TURN_SECRET or TURN_PASSWORD",
         "optional env:",
-        "  TURN_PUBLIC_IP, TURN_PORT, TTURN_TTL_SEC, TTURN_USER_ID, TTURN_USERNAME"
+        "  TURN_PUBLIC_IP, TURN_PORT, TTURN_TTL_SEC, TTURN_USER_ID, TTURN_USERNAME (or TURN_USERNAME), TTURN_DISABLE_CREDENTIAL_EXPIRY"
     ].join("\n") + "\n");
 }
+function readUsernameEnv() {
+    return process.env.TTURN_USERNAME ?? process.env.TURN_USERNAME;
+}
+function resolveAuthOptions() {
+    const authSecret = process.env.TURN_SECRET;
+    const password = process.env.TURN_PASSWORD;
+    if (!authSecret && !password) {
+        throw new Error("Missing required env: TURN_SECRET or TURN_PASSWORD");
+    }
+    return {
+        authSecret: authSecret ?? "",
+        password
+    };
+}
+function readBoolEnv(name) {
+    const value = process.env[name];
+    if (!value) {
+        return undefined;
+    }
+    return value === "1" || value.toLowerCase() === "true";
+}
 function waitForSignal() {
     return new Promise((resolve) => {
         const keepAlive = setInterval(() => {

package/dist/native-binding.js

@@ -6,9 +6,9 @@ const node_path_1 = require("node:path");
 function loadNativeBinding() {
     const root = (0, node_path_1.join)(__dirname, "..");
     const candidates = [
+        (0, node_path_1.join)(root, binaryName()),
         (0, node_path_1.join)(root, "index.node"),
-        (0, node_path_1.join)(root, "native", "index.node"),
-        (0, node_path_1.join)(root, binaryName())
+        (0, node_path_1.join)(root, "native", "index.node")
     ];
     for (const filePath of candidates) {
         if (!(0, node_fs_1.existsSync)(filePath)) {

package/dist/service.js

@@ -4,14 +4,19 @@ exports.TurnService = void 0;
 const native_binding_1 = require("./native-binding");
 class TurnService {
     constructor(options) {
-        const { username, userId, ttlSec, ...nativeOptions } = options;
+        const { username, password, userId, ttlSec, ...nativeOptions } = options;
+        const disableCredentialExpiry = options.disableCredentialExpiry ?? Boolean(password);
         this.native = new native_binding_1.binding.NativeTurnService({
             ...nativeOptions,
+            authSecret: nativeOptions.authSecret ?? "",
             listenPort: nativeOptions.listenPort ?? 3478,
             minPort: nativeOptions.minPort ?? 49152,
             maxPort: nativeOptions.maxPort ?? 65535,
             publicIp: nativeOptions.publicIp ?? nativeOptions.realm,
-            listeningIp: nativeOptions.listeningIp ?? "0.0.0.0"
+            listeningIp: nativeOptions.listeningIp ?? "0.0.0.0",
+            username,
+            password,
+            disableCredentialExpiry
         });
         this.defaultIssueOptions = {
             ttlSec,

package/dist/types.d.ts

@@ -16,15 +16,17 @@ export interface IssueCredentialOptions {
 }
 export interface TurnServiceOptions {
     realm: string;
-    authSecret: string;
+    authSecret?: string;
     listenPort?: number;
     minPort?: number;
     maxPort?: number;
     publicIp?: string;
     listeningIp?: string;
     username?: string;
+    password?: string;
     userId?: string;
     ttlSec?: number;
+    disableCredentialExpiry?: boolean;
 }
 export interface StartOptions {
     detached?: boolean;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "tturn",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "High-performance TURN server for Node.js with embedded native core",
   "keywords": [
     "turn",