@vendure/core
Version:
A modern, headless ecommerce framework
82 lines (81 loc) • 3.3 kB
TypeScript
import { RequestContext } from '../../api';
import { PasswordHashingStrategy } from '../auth/password-hashing-strategy';
import { BaseApiKeyStrategy } from './api-key-strategy';
export declare const DEFAULT_SIZE_RANDOM_BYTES_SECRET = 32;
export declare const DEFAULT_SIZE_RANDOM_BYTES_LOOKUP = 12;
export declare const DEFAULT_LAST_USED_AT_UPDATE_INTERVAL = 0;
/**
* @see {@link RandomBytesApiKeyStrategy}
* @since 3.6.0
*/
export interface RandomBytesApiKeyStrategyOptions {
/**
* @description
* The number of bytes to generate. The size must not be larger than 2**31 - 1.
* This is the input size for `crypto.randomBytes`
*
* @default 32
* @see {@link DEFAULT_SIZE_RANDOM_BYTES_SECRET}
*/
secretSize?: number;
/**
* @description
* The number of bytes to generate. The size must not be larger than 2**31 - 1.
* This is the input size for `crypto.randomBytes`
*
* @default 12
* @see {@link DEFAULT_SIZE_RANDOM_BYTES_LOOKUP}
*/
lookupSize?: number;
/**
* @description
* Defines a custom strategy for how API-Keys get hashed and checked.
* Performance considerations should be kept in mind, for more info see {@link ApiKeyStrategy}.
*
* @default {BcryptPasswordHashingStrategy}
*/
hashingStrategy?: PasswordHashingStrategy;
/**
* @description
* The main use of the `lastUsedAt`-field is enabling the detection and invalidation of unused API-Keys.
* By default, every request which gets authorized by an API-Key persists the usage date. This might not
* be desirable for larger instances, due to the cost of frequent database writes.
*
* Defining a longer duration, for example 15 minutes, means that the `lastUsedAt` field will only be
* written to in 15 minute intervals, resulting in considerably fewer database writes. This technically
* reduces the accuracy of the `lastUsedAt`-field but keep in mind that when looking for unused keys,
* what often matters is that a key has been used at all in the last days or weeks and not the specific second.
*
* If passed as a number should represent milliseconds and if passed as a string describes a time span per
* [zeit/ms](https://github.com/zeit/ms.js). Eg: `5m`, `'1 hour'`, `'10h'`
*
* @default 0
* @see {@link DEFAULT_LAST_USED_AT_UPDATE_INTERVAL}
*/
lastUsedAtUpdateInterval?: string | number;
}
/**
* @description
* A generation strategy that uses `node:crypto` to generate random hex strings for API-Keys via `randomBytes`.
*
* This strategy defines API-Keys where both parts are the aforementioned random bytes like so:
*
* ```text
* <lookupId>:<apiKey>
* ```
*
* Note the colon `':'` delimiter between the lookup ID and the api key.
*
* @docsCategory auth
* @docsPage ApiKeyStrategy
* @since 3.6.0
*/
export declare class RandomBytesApiKeyStrategy extends BaseApiKeyStrategy {
readonly secretSize: number;
readonly lookupSize: number;
readonly hashingStrategy: PasswordHashingStrategy;
constructor(input?: RandomBytesApiKeyStrategyOptions);
generateSecret(ctx: RequestContext): Promise<string>;
generateLookupId(ctx: RequestContext): Promise<string>;
private promisifyRandomBytes;
}