@treasure-dev/auth
Version:
Authentication token utilities for the Treasure ecosystem
31 lines (28 loc) • 886 B
text/typescript
import { KMSClientConfig } from '@aws-sdk/client-kms';
type Payload<TContext = unknown> = {
iss: string;
sub: string;
aud: string;
exp: number;
iat: number;
ctx: TContext;
};
type AuthOptions = {
kmsKey: string;
kmsClientConfig?: KMSClientConfig;
kmsPublicKeyCacheTtlSeconds?: number;
issuer?: string;
audience?: string;
expirationTimeSeconds?: number;
};
declare const createAuth: ({ kmsKey, kmsClientConfig, kmsPublicKeyCacheTtlSeconds, issuer, audience, expirationTimeSeconds, }: AuthOptions) => {
generateJWT: <TContext = unknown>(subject: string, overrides?: {
issuer?: string;
audience?: string;
expiresAt?: Date;
issuedAt?: Date;
context?: TContext;
}) => Promise<string>;
verifyJWT: <TContext = unknown>(token: string) => Promise<Payload<TContext>>;
};
export { createAuth };