@replyke/core/dist/cjs/hooks/crypto/useSignTestingJwt.js

Replyke: Build interactive apps with social features like comments, votes, feeds, user lists, notifications, and more.

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const axios_1 = __importDefault(require("../../config/axios"));
const handleError_1 = require("../../utils/handleError");
const WARNING = `
    WARNING: You are using a testing function to generate JWTs in your client application.
    This is NOT secure and should ONLY be used for initial development and testing purposes.

    In production:
    - NEVER expose your secret key in client-side code.
    - Refer to the documentation at https://docs.replyke.com to implement JWT signing on your backend.
    - Rotate your secret key periodically, especially after moving from testing to production.

    Failure to follow these practices can lead to security vulnerabilities.
  `;
function useSignTestingJwt() {
    const signTestingJwt = async ({ projectId, privateKey, userData, }) => {
        try {
            if (!projectId) {
                throw new Error("No project specified");
            }
            // Warn developers about the security risks
            console.warn(WARNING);
            const response = await axios_1.default.post(`/${projectId}/crypto/sign-testing-jwt/v2`, {
                projectId,
                privateKey,
                userData,
            });
            return response.data;
        }
        catch (err) {
            (0, handleError_1.handleError)(err, "Failed to sign testing jwt: ");
        }
    };
    return signTestingJwt;
}
exports.default = useSignTestingJwt;
//# sourceMappingURL=useSignTestingJwt.js.map