@cosmstack/repoeject
Version:
Interactive CLI tool to safely find and delete old or inactive GitHub repositories. Clean up your GitHub profile by removing abandoned projects, old experiments, and unused forks.
78 lines • 2.87 kB
JavaScript
;
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.encrypt = encrypt;
exports.decrypt = decrypt;
exports.isTokenExpired = isTokenExpired;
exports.needsRefresh = needsRefresh;
const node_crypto_1 = __importDefault(require("node:crypto"));
const node_fs_1 = __importDefault(require("node:fs"));
const config_1 = require("../config");
const KEY_DIR = config_1.config.store.keyDir;
const MASTER_KEY_FILE = config_1.config.store.keyFile;
const ENCRYPTION_ALGORITHM = config_1.config.security.encryptionAlgorithm;
function generateKey() {
return node_crypto_1.default.randomBytes(32);
}
function ensureKeyDir() {
if (!node_fs_1.default.existsSync(KEY_DIR)) {
node_fs_1.default.mkdirSync(KEY_DIR, { recursive: true, mode: 0o700 });
}
}
function getMasterKey() {
ensureKeyDir();
try {
if (node_fs_1.default.existsSync(MASTER_KEY_FILE)) {
return node_fs_1.default.readFileSync(MASTER_KEY_FILE);
}
}
catch (error) {
console.warn("Failed to read master key, generating new one");
}
const masterKey = generateKey();
node_fs_1.default.writeFileSync(MASTER_KEY_FILE, masterKey, { mode: 0o600 });
return masterKey;
}
function encrypt(data) {
const masterKey = getMasterKey();
const iv = node_crypto_1.default.randomBytes(12);
const cipher = node_crypto_1.default.createCipheriv(ENCRYPTION_ALGORITHM, masterKey, iv);
const encrypted = Buffer.concat([
cipher.update(JSON.stringify(data), "utf8"),
cipher.final(),
]);
return {
iv: iv.toString("base64"),
encryptedData: encrypted.toString("base64"),
authTag: cipher.getAuthTag().toString("base64"),
createdAt: Date.now(),
};
}
function decrypt(encryptedData) {
const masterKey = getMasterKey();
const decipher = node_crypto_1.default.createDecipheriv(ENCRYPTION_ALGORITHM, masterKey, Buffer.from(encryptedData.iv, "base64"));
decipher.setAuthTag(Buffer.from(encryptedData.authTag, "base64"));
try {
const decrypted = Buffer.concat([
decipher.update(Buffer.from(encryptedData.encryptedData, "base64")),
decipher.final(),
]);
return JSON.parse(decrypted.toString("utf8"));
}
catch (error) {
throw new Error("Failed to decrypt token. Please authenticate again.");
}
}
function isTokenExpired(tokenData) {
if (!tokenData.expiresAt)
return false;
return Date.now() >= tokenData.expiresAt;
}
function needsRefresh(tokenData) {
if (!tokenData.expiresAt || !tokenData.refreshToken)
return false;
return Date.now() >= tokenData.expiresAt - 60 * 60 * 1000;
}
//# sourceMappingURL=security.js.map