@e280/authlocal
Version:
User-sovereign login system for everybody
47 lines (46 loc) • 1.22 kB
TypeScript
import { Token } from "../token/types.js";
import { SignClaimOptions } from "../claim/types.js";
import { Identity, Nametag } from "../identity/types.js";
export type VerifyLoginOptions = {
session: Session;
appOrigins: string[];
};
export type LoginSignClaimOptions<C> = Omit<SignClaimOptions<C>, "session" | "appOrigin">;
/** a login session */
export type Session = {
/** private key for a login session */
secret: string;
/** proof for this session */
proofToken: string;
};
export type GenerateSessionOptions = {
expiresAt: number;
identity: Identity;
appOrigin: string;
authorityOrigin: string;
};
/** proof that a session was signed by the user's identity */
export type Proof = {
sessionId: string;
nametag: Nametag;
};
export type SignProofOptions = {
identitySecret: string;
expiresAt: number;
proof: Proof;
appOrigin: string;
authorityOrigin: string;
};
export type VerifyProofOptions = {
proofToken: string;
appOrigins: string[];
atTime?: number | null;
};
/** token payload that contains proof */
export type ProofPayload = {
data: Proof;
exp: number;
sub: string;
iss: string;
aud: string;
} & Token;