npm - tturn - Versions diffs - 0.1.1 → 0.1.3 - Mend

tturn 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md CHANGED Viewed

@@ -29,11 +29,11 @@ import { Tturn } from "tturn";
 const turn = new Tturn({
   realm: "turn.example.com",
-  authSecret: "replace-with-your-secret",
+  password: "replace-with-your-password",
   publicIp: "1.2.3.4",
   listenPort: 3478,
   username: "user-1001",
-  ttlSec: 600
+  disableCredentialExpiry: true
 });
 const ice = await turn.start();
@@ -44,6 +44,13 @@ await turn.stop();
 `start()` now returns one ICE payload directly, so bootstrap can be only `new Tturn(...)` + `start()`.
+For long-running sessions, set `disableCredentialExpiry: true` to issue non-expiring credentials.
+With static password mode (`password` + `username`), what you set is what clients use:
+- output `username` is exactly your configured username
+- output `credential` is exactly your configured password
 ## Credential options
 `issueCredential(options)` supports:
@@ -69,31 +76,55 @@ TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret tturn credentia
 # Optional: provide custom username
 TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice tturn credential
+# Optional: disable credential expiry (long-lived credentials)
+TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn credential
+# Static account/password (exact value, no rewrite)
+TURN_REALM=turn.example.com TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn start
 ```
 Required env:
 - `TURN_REALM`
-- `TURN_SECRET`
+- `TURN_SECRET` or `TURN_PASSWORD`
 Optional env:
 - `TURN_PUBLIC_IP`
 - `TURN_PORT`
+- `TURN_MIN_PORT`
+- `TURN_MAX_PORT`
 - `TTURN_TTL_SEC`
 - `TTURN_USER_ID`
-- `TTURN_USERNAME`
+- `TTURN_USERNAME` (or `TURN_USERNAME`)
+- `TTURN_DISABLE_CREDENTIAL_EXPIRY` (`1` or `true`)
 ## API options
 - `realm` (required): TURN realm/domain.
-- `authSecret` (required): shared secret for dynamic credentials.
+- `authSecret` (optional): shared secret for dynamic credentials.
+- `password` (optional): static TURN password (when set, returned credential stays fixed).
 - `listenPort` (default `3478`): TURN listening port.
 - `publicIp` (optional, recommended): public relay IP exposed to clients.
 - `listeningIp` (default `0.0.0.0`): bind address.
 - `username` / `userId` (optional): default credential username seed. `username` has higher priority.
 - `ttlSec` (optional): default credential TTL used by `start()` and `issueCredential()`.
-- `minPort` / `maxPort`: reserved for relay port range control in next iterations.
+- `disableCredentialExpiry` (optional): disable timestamp expiry check and issue non-expiring credentials.
+- `minPort` / `maxPort`: relay allocation port range (effective in native TURN allocator).
+At least one of `authSecret` or `password` must be provided.
+## Quick verify
+```bash
+npm install
+npm run build
+TURN_REALM=turn.example.com TURN_PUBLIC_IP=1.2.3.4 TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 node dist/cli.js credential
+```
+The returned JSON should keep `username = "alice"` and `credential = "alice-pass"`.
 ## Build from source

package/README.zh-CN.md CHANGED Viewed

@@ -32,11 +32,11 @@ import { Tturn } from "tturn";
 const turn = new Tturn({
   realm: "turn.example.com",
-  authSecret: "replace-with-your-secret",
+  password: "replace-with-your-password",
   publicIp: "1.2.3.4",
   listenPort: 3478,
   username: "user-1001",
-  ttlSec: 600
+  disableCredentialExpiry: true
 });
 const ice = await turn.start();
@@ -46,6 +46,13 @@ await turn.stop();
 ```
 `start()` 会直接返回一组 ICE，因此最简流程只需要 `new Tturn(...)` 和 `start()`。
+如果你需要长时间持续连接，可设置 `disableCredentialExpiry: true`，生成不过期凭证。
+在静态账号密码模式（`password` + `username`）下：
+- 输出的 `username` 就是你配置的账号
+- 输出的 `credential` 就是你配置的密码
 ## 5）CLI 用法
@@ -58,6 +65,12 @@ TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret tturn credentia
 # 可选：传入自定义 username
 TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice tturn credential
+# 可选：禁用凭证过期（长期凭证）
+TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=alice TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn credential
+# 静态账号密码（原样输出，不改写）
+TURN_REALM=turn.example.com TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 tturn start
 ```
 ## 5.1）凭证参数补充（username）
@@ -70,14 +83,29 @@ TURN_REALM=turn.example.com TURN_SECRET=replace-with-your-secret TTURN_USERNAME=
 ## 6）配置参数说明
-- `realm`（必填）：TURN realm / 域名。
-- `authSecret`（必填）：动态凭证签名密钥。
+- `realm`（必填）：TURN realm / 域名。
+- `authSecret`（可选）：动态凭证签名密钥。
+- `password`（可选）：静态 TURN 密码（设置后返回值保持固定）。
 - `listenPort`（默认 `3478`）：TURN 监听端口。
 - `publicIp`（建议配置）：客户端访问的公网 IP。
 - `listeningIp`（默认 `0.0.0.0`）：本地绑定地址。
 - `username` / `userId`（可选）：默认凭证用户名种子，`username` 优先级更高。
 - `ttlSec`（可选）：`start()` 与 `issueCredential()` 的默认凭证时效。
-- `minPort` / `maxPort`：预留给后续中继端口范围控制。
+- `disableCredentialExpiry`（可选）：禁用时间戳过期校验，生成不过期凭证。
+- `minPort` / `maxPort`：中继分配端口范围（已在 native TURN 分配器中生效）。
+`authSecret` 和 `password` 至少需要提供一个。
+## 6.1）快速验证
+```bash
+npm install
+npm run build
+TURN_REALM=turn.example.com TURN_PUBLIC_IP=1.2.3.4 TURN_USERNAME=alice TURN_PASSWORD=alice-pass TTURN_DISABLE_CREDENTIAL_EXPIRY=1 node dist/cli.js credential
+```
+返回 JSON 中应保持 `username = "alice"`、`credential = "alice-pass"`。
 ## 7）源码构建

package/dist/app.js CHANGED Viewed

@@ -3,20 +3,24 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const index_1 = require("./index");
 const APP_CONFIG = {
     realm: "turn.example.com",
-    authSecret: "replace-with-your-secret",
+    authSecret: "",
+    password: "replace-with-your-password",
     publicIp: "1.2.3.4",
     listenPort: 3478,
     username: "google-test",
-    ttlSec: 600
+    ttlSec: 600,
+    disableCredentialExpiry: true
 };
 async function main() {
     const service = new index_1.Tturn({
         realm: APP_CONFIG.realm,
         authSecret: APP_CONFIG.authSecret,
+        password: APP_CONFIG.password,
         publicIp: APP_CONFIG.publicIp,
         listenPort: APP_CONFIG.listenPort,
         username: APP_CONFIG.username,
-        ttlSec: APP_CONFIG.ttlSec
+        ttlSec: APP_CONFIG.ttlSec,
+        disableCredentialExpiry: APP_CONFIG.disableCredentialExpiry
     });
     const ice = await service.start();
     console.log("[tturn] started.");

package/dist/cli.js CHANGED Viewed

@@ -5,28 +5,41 @@ const index_1 = require("./index");
 async function run() {
     const command = process.argv[2];
     if (command === "credential") {
-        const secret = mustGetEnv("TURN_SECRET");
         const realm = mustGetEnv("TURN_REALM");
-        const service = (0, index_1.createTurnService)({ realm, authSecret: secret, publicIp: process.env.TURN_PUBLIC_IP });
+        const authOptions = resolveAuthOptions();
+        const service = (0, index_1.createTurnService)({
+            realm,
+            authSecret: authOptions.authSecret,
+            password: authOptions.password,
+            publicIp: process.env.TURN_PUBLIC_IP,
+            listenPort: process.env.TURN_PORT ? Number(process.env.TURN_PORT) : 3478,
+            minPort: process.env.TURN_MIN_PORT ? Number(process.env.TURN_MIN_PORT) : undefined,
+            maxPort: process.env.TURN_MAX_PORT ? Number(process.env.TURN_MAX_PORT) : undefined,
+            disableCredentialExpiry: readBoolEnv("TTURN_DISABLE_CREDENTIAL_EXPIRY") ?? Boolean(authOptions.password)
+        });
         const ice = service.issueCredential({
             ttlSec: process.env.TTURN_TTL_SEC ? Number(process.env.TTURN_TTL_SEC) : 3600,
             userId: process.env.TTURN_USER_ID,
-            username: process.env.TTURN_USERNAME
+            username: readUsernameEnv()
         });
         process.stdout.write(`${JSON.stringify(ice, null, 2)}\n`);
         return;
     }
     if (command === "start") {
-        const secret = mustGetEnv("TURN_SECRET");
         const realm = mustGetEnv("TURN_REALM");
+        const authOptions = resolveAuthOptions();
         const service = (0, index_1.createTurnService)({
             realm,
-            authSecret: secret,
+            authSecret: authOptions.authSecret,
+            password: authOptions.password,
             publicIp: process.env.TURN_PUBLIC_IP,
             listenPort: process.env.TURN_PORT ? Number(process.env.TURN_PORT) : 3478,
+            minPort: process.env.TURN_MIN_PORT ? Number(process.env.TURN_MIN_PORT) : undefined,
+            maxPort: process.env.TURN_MAX_PORT ? Number(process.env.TURN_MAX_PORT) : undefined,
             ttlSec: process.env.TTURN_TTL_SEC ? Number(process.env.TTURN_TTL_SEC) : 3600,
-            username: process.env.TTURN_USERNAME,
-            userId: process.env.TTURN_USER_ID
+            username: readUsernameEnv(),
+            userId: process.env.TTURN_USER_ID,
+            disableCredentialExpiry: readBoolEnv("TTURN_DISABLE_CREDENTIAL_EXPIRY") ?? Boolean(authOptions.password)
         });
         const ice = await service.start();
         process.stdout.write("tturn started\n");
@@ -53,11 +66,33 @@ function printUsage() {
         "  tturn credential  # prints one ICE server credential JSON",
         "",
         "required env:",
-        "  TURN_REALM, TURN_SECRET",
+        "  TURN_REALM",
+        "  TURN_SECRET or TURN_PASSWORD",
         "optional env:",
-        "  TURN_PUBLIC_IP, TURN_PORT, TTURN_TTL_SEC, TTURN_USER_ID, TTURN_USERNAME"
+        "  TURN_PUBLIC_IP, TURN_PORT, TURN_MIN_PORT, TURN_MAX_PORT, TTURN_TTL_SEC, TTURN_USER_ID, TTURN_USERNAME (or TURN_USERNAME), TTURN_DISABLE_CREDENTIAL_EXPIRY"
     ].join("\n") + "\n");
 }
+function readUsernameEnv() {
+    return process.env.TTURN_USERNAME ?? process.env.TURN_USERNAME;
+}
+function resolveAuthOptions() {
+    const authSecret = process.env.TURN_SECRET;
+    const password = process.env.TURN_PASSWORD;
+    if (!authSecret && !password) {
+        throw new Error("Missing required env: TURN_SECRET or TURN_PASSWORD");
+    }
+    return {
+        authSecret: authSecret ?? "",
+        password
+    };
+}
+function readBoolEnv(name) {
+    const value = process.env[name];
+    if (!value) {
+        return undefined;
+    }
+    return value === "1" || value.toLowerCase() === "true";
+}
 function waitForSignal() {
     return new Promise((resolve) => {
         const keepAlive = setInterval(() => {

package/dist/native-binding.js CHANGED Viewed

@@ -6,9 +6,9 @@ const node_path_1 = require("node:path");
 function loadNativeBinding() {
     const root = (0, node_path_1.join)(__dirname, "..");
     const candidates = [
+        (0, node_path_1.join)(root, binaryName()),
         (0, node_path_1.join)(root, "index.node"),
-        (0, node_path_1.join)(root, "native", "index.node"),
-        (0, node_path_1.join)(root, binaryName())
+        (0, node_path_1.join)(root, "native", "index.node")
     ];
     for (const filePath of candidates) {
         if (!(0, node_fs_1.existsSync)(filePath)) {

package/dist/service.js CHANGED Viewed

@@ -4,14 +4,19 @@ exports.TurnService = void 0;
 const native_binding_1 = require("./native-binding");
 class TurnService {
     constructor(options) {
-        const { username, userId, ttlSec, ...nativeOptions } = options;
+        const { username, password, userId, ttlSec, ...nativeOptions } = options;
+        const disableCredentialExpiry = options.disableCredentialExpiry ?? Boolean(password);
         this.native = new native_binding_1.binding.NativeTurnService({
             ...nativeOptions,
+            authSecret: nativeOptions.authSecret ?? "",
             listenPort: nativeOptions.listenPort ?? 3478,
             minPort: nativeOptions.minPort ?? 49152,
             maxPort: nativeOptions.maxPort ?? 65535,
             publicIp: nativeOptions.publicIp ?? nativeOptions.realm,
-            listeningIp: nativeOptions.listeningIp ?? "0.0.0.0"
+            listeningIp: nativeOptions.listeningIp ?? "0.0.0.0",
+            username,
+            password,
+            disableCredentialExpiry
         });
         this.defaultIssueOptions = {
             ttlSec,

package/dist/types.d.ts CHANGED Viewed

@@ -16,15 +16,17 @@ export interface IssueCredentialOptions {
 }
 export interface TurnServiceOptions {
     realm: string;
-    authSecret: string;
+    authSecret?: string;
     listenPort?: number;
     minPort?: number;
     maxPort?: number;
     publicIp?: string;
     listeningIp?: string;
     username?: string;
+    password?: string;
     userId?: string;
     ttlSec?: number;
+    disableCredentialExpiry?: boolean;
 }
 export interface StartOptions {
     detached?: boolean;

package/index.node CHANGED Viewed

Binary file

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "tturn",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "High-performance TURN server for Node.js with embedded native core",
   "keywords": [
     "turn",

package/tturn.win32-x64-msvc.node CHANGED Viewed

Binary file