
@srsl/tools


JavaScript tools for common interfaces

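const { path } = require('ramda')
const { promisify } = require('bluebird')
const jwt = require('jsonwebtoken')
const debug = require('debug')

const dbg = debug('@srsl/tools/utils/session')

// Promise-returning wrappers around jsonwebtoken's callback-style sign/verify.
const signJWT = promisify(jwt.sign)
const verifyJWT = promisify(jwt.verify)

/**
 * Return the second space-separated field of an "authorization: Bearer <token>"
 * style value. The scheme word itself is not checked here; whatever comes back
 * is only trusted after decodeJWT has verified it.
 *
 * @param {string} value - Header or cookie value such as "Bearer <token>".
 * @returns {string|undefined} The token part, or undefined when there is none.
 */
const tokenFromAuthorization = (value) => value.split(' ')[1]

/**
 * Sign `data` as a JWT that expires after 30 days.
 *
 * @param {object} args
 * @param {string} [args.key] - Signing key; defaults to
 *   process.env.EXPRESS_SESSION_SECRET, read at call time.
 * @param {object} args.data - Payload to sign.
 * @returns {Promise<string>} The signed token.
 */
// NOTE(review): the default key is the same environment variable the name
// suggests is used for the Express session cookie, so one leaked secret would
// cover both uses - consider a dedicated JWT key.
const createJWT = async ({ key = process.env.EXPRESS_SESSION_SECRET, data }) =>
  signJWT(data, key, { expiresIn: '30d' })

/**
 * Verify `token` against `key` and return its decoded payload.
 *
 * @param {object} args
 * @param {string} args.token - The JWT to verify.
 * @param {string} [args.key] - Verification key; defaults to
 *   process.env.EXPRESS_SESSION_SECRET, read at call time.
 * @returns {Promise<object>} The payload; rejects when verification fails.
 */
// NOTE(review): no `algorithms` allow-list is passed to verify, so the accepted
// algorithms are whatever the installed jsonwebtoken version defaults to.
// Pinning the list is the usual hardening, but it would reject tokens that
// callers sign with another algorithm - confirm before changing.
const decodeJWT = async ({ token, key = process.env.EXPRESS_SESSION_SECRET }) =>
  verifyJWT(token, key)

/**
 * Resolve the session payload for an HTTP request.
 *
 * The token is taken from the first source that is present, in this order:
 * the Authorization header, req.session.user, the "authorization" cookie.
 * Any failure (no token, malformed value, failed verification) yields {}.
 *
 * @param {object} args
 * @param {object} args.req - Express-style request (uses req.get, req.session,
 *   req.cookies).
 * @returns {Promise<object>} Decoded payload, or {} when nothing verifies.
 */
const sessionFromRequest = async ({ req }) => {
  try {
    const headerValue = req.get('authorization')
    const sessionToken = path(['session', 'user'], req)
    const cookieValue = path(['cookies', 'authorization'], req)

    // Log only which sources are present. The headers, cookies and session
    // object carry live bearer tokens and session identifiers, which must not
    // end up in debug output.
    dbg('credential sources', {
      authorizationHeader: Boolean(headerValue),
      sessionUser: Boolean(sessionToken),
      authorizationCookie: Boolean(cookieValue),
    })

    let token
    if (headerValue) {
      token = tokenFromAuthorization(headerValue)
    } else if (sessionToken) {
      token = sessionToken
    } else if (cookieValue) {
      token = tokenFromAuthorization(cookieValue)
    }

    return await decodeJWT({ token })
  } catch (e) {
    // Deliberate fail-closed: an unusable credential means an empty session.
    return {}
  }
}

/**
 * Resolve the session payload from connection parameters that carry an
 * `authorization` field.
 *
 * Unlike sessionFromRequest, a token that is present but fails verification
 * is not swallowed: the returned promise rejects and the caller decides.
 *
 * @param {object} args
 * @param {object} args.connectionParams - Object that may hold `authorization`.
 * @returns {Promise<object>} Decoded payload, or {} when no authorization
 *   value was supplied.
 */
const sessionFromConnectionParams = async ({ connectionParams }) => {
  const authorization = path(['authorization'], connectionParams)
  if (!authorization) return {}

  return decodeJWT({ token: tokenFromAuthorization(authorization) })
}

/**
 * Issue tokens for `user` and store the access token on the request session.
 *
 * @param {object} args
 * @param {object} args.redis - Accepted but not used by this function.
 * @param {object} args.req - Request whose `session.user` receives the token.
 * @param {object} args.res - Accepted but not used by this function.
 * @param {object} args.user - Only `user.id` is placed in the token payload.
 * @returns {Promise<{accessToken: string, refreshToken: string, tokenType: string}>}
 */
// NOTE(review): the refresh token is created with the same payload and the
// same 30-day lifetime as the access token, so it gives no extra separation
// (see the TODO below). The session is also written to without being
// regenerated first - confirm whether the caller rotates the session id at
// login.
const createSession = async ({ redis, req, res, user }) => {
  const payload = { user: { id: user.id } }

  const accessToken = await createJWT({ data: payload })
  // TODO duration
  const refreshToken = await createJWT({ data: payload })

  // Keep the access token in the server-side session.
  req.session.user = accessToken

  return {
    accessToken,
    refreshToken,
    tokenType: 'Bearer',
  }
}

/**
 * Destroy the session attached to the request.
 *
 * @param {object} args
 * @param {object} args.req - Request carrying the session to destroy.
 * @returns {*} Whatever req.session.destroy() returns.
 */
const destroySession = ({ req }) => req.session.destroy()

module.exports.signJWT = signJWT
module.exports.verifyJWT = verifyJWT
module.exports.createSession = createSession
module.exports.destroySession = destroySession
module.exports.createJWT = createJWT
module.exports.decodeJWT = decodeJWT
module.exports.sessionFromRequest = sessionFromRequest
module.exports.sessionFromConnectionParams = sessionFromConnectionParams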