@bee.js/node
Version:
A JavaScript framework for making Node.js API´s
72 lines (54 loc) • 1.97 kB
JavaScript
const CryptoJS = require("crypto-js");
const log = require("../beeHive/log");
function base64url(source) {
encodedSource = CryptoJS.enc.Base64.stringify(source);
encodedSource = encodedSource.replace(/=+$/, "");
encodedSource = encodedSource.replace(/\+/g, "-");
encodedSource = encodedSource.replace(/\//g, "_");
return encodedSource;
}
module.exports = function token(_payload = null, header = {}) {
if (_payload) {
let { jwt, ...payload } = _payload;
if (!global.configs.jwt && !global.configs.jwt.secret)
return log("ERROR: no jwt.secret defined in configs.");
let secret = global.configs.jwt.secret;
let iat = new Date().getTime();
let exp = new Date().getTime() + 60 * 1000;
header = {
...header,
typ: header.typ || "JWT",
alg: header.alg || "HS256",
};
payload = { ...payload, iat: iat, exp: exp };
header = base64url(CryptoJS.enc.Utf8.parse(JSON.stringify(header)));
payload = base64url(CryptoJS.enc.Utf8.parse(JSON.stringify(payload)));
const signature = base64url(
CryptoJS.HmacSHA256(`${header}.${payload}`, secret)
);
const token = `${header}.${payload}.${signature}`;
this.data.jwt =
this.data.jwt && typeof this.data.jwt !== "object"
? [this.data.jwt]
: this.data.jwt;
this.data.jwt = !this.data.jwt ? token : this.data.jwt.concat(token);
this.counters.jwt = (this.counters.jwt || 0) + 1;
log("JWT created: " + this.data.jwt);
return this;
}
return {
...this,
verify: function (token) {
const secret = global.configs.jwt.secret;
const array = token.split(".");
const header = array[0];
const payload = array[1];
const signature = base64url(
CryptoJS.HmacSHA256(`${header}.${payload}`, secret)
);
return token === `${header}.${payload}.${signature}`
? new Buffer.from(payload, "base64").toString("ascii")
: false;
},
};
};