
@paroicms/server

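import { readOrCreateJwtSecret } from "@paroicms/internal-server-lib";
import { join } from "node:path";
import { platformDataDir } from "../context.js";

const { sign, verify } = (await import("jsonwebtoken")).default;

export const PROTECTED_TOKEN_COOKIE = "paProtectedToken";
export const ADMIN_TOKEN_COOKIE = "paAdminToken";
// 30 days in milliseconds. NOTE(review): admin tokens below expire after 7 days,
// so a cookie lifetime taken from this constant would outlive the admin JWT;
// confirm against the code that sets the cookies.
export const accessTokenTtlInMs = 30 * 24 * 60 * 60 * 1000;

const protectedAccessExpiresIn = "30d";
const adminAccessExpiresIn = "7d";

// HS256 is what jsonwebtoken's sign() uses by default, so tokens issued before this
// change keep verifying. Pinning it on verify() means the accepted algorithm is decided
// here and not by the library's per-key-type defaults or by the token header.
const JWT_ALGORITHM = "HS256";

const ACCESS_PROTECTED = "protected";
const ACCESS_ADMIN = "admin";

let _protectedAccessJwtSecretPromise;

/**
 * Returns the platform-wide JWT secret, reading (or creating) it on first use.
 *
 * The in-flight promise is cached instead of the resolved value, so concurrent first
 * calls share a single readOrCreateJwtSecret() invocation and cannot each create a
 * different secret. A failed load is not cached: the next call retries.
 *
 * @returns {Promise<string>} the secret stored under platformDataDir
 */
function protectedAccessJwtSecret() {
  if (!_protectedAccessJwtSecretPromise) {
    const pending = (async () =>
      readOrCreateJwtSecret(join(platformDataDir, "jwt-protected-access-secret.txt")))();
    _protectedAccessJwtSecretPromise = pending;
    pending.catch(() => {
      // Drop the cached rejection so a transient I/O error does not stick forever.
      if (_protectedAccessJwtSecretPromise === pending) {
        _protectedAccessJwtSecretPromise = undefined;
      }
    });
  }
  return _protectedAccessJwtSecretPromise;
}

/**
 * Derives the signing key of protected-access tokens.
 *
 * The password is part of the key, so changing the password invalidates every
 * protected token issued under the previous one.
 * NOTE(review): a missing password is interpolated as the text "undefined"; callers
 * are presumably expected to pass a non-empty string (confirm at the call sites).
 *
 * @param {string} password - the password guarding the protected content
 * @returns {Promise<string>} the HMAC key for protected tokens
 */
async function protectedTokenSecret(password) {
  const jwtSecret = await protectedAccessJwtSecret();
  return `${jwtSecret}-${password}`;
}

/**
 * Issues a protected-access token bound to the given password, valid for 30 days.
 *
 * @param {string} password - the password guarding the protected content
 * @returns {Promise<string>} the signed JWT
 */
export async function generateProtectedToken(password) {
  const secret = await protectedTokenSecret(password);
  const payload = { access: ACCESS_PROTECTED, createdAt: Date.now() };
  return sign(payload, secret, {
    algorithm: JWT_ALGORITHM,
    expiresIn: protectedAccessExpiresIn,
  });
}

/**
 * Checks a protected-access token against the current password.
 *
 * Fails closed: any error (bad signature, expired token, unexpected algorithm, secret
 * that cannot be loaded) yields false. The `access` claim must also be "protected",
 * so a token minted for another purpose is rejected even if it verifies.
 *
 * @param {string} token - the JWT taken from the request
 * @param {string} password - the password currently guarding the protected content
 * @returns {Promise<boolean>} true only for a valid, unexpired protected token
 */
export async function validateProtectedToken(token, password) {
  try {
    const secret = await protectedTokenSecret(password);
    const payload = verify(token, secret, { algorithms: [JWT_ALGORITHM] });
    return payload?.access === ACCESS_PROTECTED;
  } catch {
    return false;
  }
}

/**
 * Issues an admin token, valid for 7 days.
 *
 * NOTE(review): admin tokens are signed with the same stored secret that seeds the
 * protected-token key. The two keys differ (the protected key appends the password),
 * and the `access` claim check on validation keeps the token types apart, but a
 * dedicated admin secret would give cleaner key separation.
 *
 * @returns {Promise<string>} the signed JWT
 */
export async function generateAdminToken() {
  const secret = await protectedAccessJwtSecret();
  const payload = { access: ACCESS_ADMIN, createdAt: Date.now() };
  return sign(payload, secret, {
    algorithm: JWT_ALGORITHM,
    expiresIn: adminAccessExpiresIn,
  });
}

/**
 * Checks an admin token.
 *
 * Fails closed on any error and requires the `access` claim to be "admin"; a valid
 * signature alone is not sufficient. Verification depends only on the signature, the
 * expiry and that claim, so an issued admin token stays valid until it expires or the
 * stored secret changes.
 *
 * @param {string} token - the JWT taken from the request
 * @returns {Promise<boolean>} true only for a valid, unexpired admin token
 */
export async function validateAdminToken(token) {
  try {
    const secret = await protectedAccessJwtSecret();
    const payload = verify(token, secret, { algorithms: [JWT_ALGORITHM] });
    return payload?.access === ACCESS_ADMIN;
  } catch {
    return false;
  }
}
//# sourceMappingURL=protected-access-token.js.map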