UNPKG

@compyai/securetoken

Version:

A modular, encrypted, DB-agnostic token system with optional refresh support, honeypot protection, and revocation. A secure alternative to JWT.

45 lines (36 loc) 1.29 kB
require("dotenv").config(); const { createToken, verifyToken, refreshToken, registerStore, } = require("../src/index"); const memoryStore = require("../stores/memoryStore"); registerStore(memoryStore); // Use in-memory store for testing (async () => { console.log("✅ Starting test..."); // 1. Create a token const user = { userId: "user-123" }; const { accessToken, refreshToken: refresh } = await createToken(user, { refresh: true, expiresIn: 60, // 1 min refreshExpiresIn: 3600, // 1 hour }); console.log("🔐 Access Token:", accessToken); console.log("♻️ Refresh Token:", refresh); // 2. Verify the access token const data = await verifyToken(accessToken); console.log("✅ Verified payload:", data); // 3. Use refresh token to get new tokens const refreshed = await refreshToken(refresh); console.log("🔄 New Access Token:", refreshed.accessToken); console.log("🔁 New Refresh Token:", refreshed.refreshToken); // 4. Try using old refresh token (should be revoked) try { await refreshToken(refresh); console.error("❌ Old refresh token should be revoked!"); } catch (err) { console.log("✅ Old refresh token rejected as expected:", err.message); } console.log("🎉 All tests passed!"); })();