UNPKG

@e280/authlocal

Version:

User-sovereign login system for everybody

github.com/e280/authlocal

e280/authlocal

24 lines (20 loc) 697 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
import {Hex} from "@e280/stz" import {signToken} from "../token/sign.js" import {decodeToken} from "../token/decode.js" import {tokentime} from "../token/tokentime.js" import {ProofPayload} from "../session/types.js" import {ClaimPayload, SignClaimOptions} from "./types.js" export async function signClaim<C>({claim, session, appOrigin, audience, expiresAt}: SignClaimOptions<C>) { const proof = decodeToken<ProofPayload>(session.proofToken).payload.data return signToken<ClaimPayload<C>>(session.secret, { jti: Hex.random(32), exp: tokentime.maybe(expiresAt), sub: proof.nametag.id, aud: audience, iss: appOrigin, data: { claim, proofToken: session.proofToken, }, }) }