UNPKG

@verdaccio/signature

Version:

Verdaccio Signature Utilities

117 lines (78 loc) 7.26 kB
# @verdaccio/signature - Verdaccio Signature Utilities [![Verdaccio Home](https://img.shields.io/badge/Homepage-Verdaccio-405236?style=flat)](https://verdaccio.org) [![MIT License](https://img.shields.io/github/license/verdaccio/verdaccio?label=License&color=405236)](https://github.com/verdaccio/verdaccio/blob/master/LICENSE) [![Verdaccio Latest](https://img.shields.io/npm/v/verdaccio?label=Latest%20Version&color=405236)](https://github.com/verdaccio/verdaccio) [![This Package Latest](https://img.shields.io/npm/v/@verdaccio/signature?label=@verdaccio/signature&color=405236)](https://npmjs.com/package/@verdaccio/signature) [![Documentation](https://img.shields.io/badge/Help-Verdaccio?style=flat&logo=Verdaccio&label=Verdaccio&color=cd4000)](https://verdaccio.org/docs) [![Discord](https://img.shields.io/badge/Chat-Discord?style=flat&logo=Discord&label=Discord&color=cd4000)](https://discord.com/channels/388674437219745793) [![Bluesky](https://img.shields.io/badge/Follow-Bluesky?style=flat&logo=Bluesky&label=Bluesky&color=cd4000)](https://bsky.app/profile/verdaccio.org) [![Backers](https://img.shields.io/opencollective/backers/verdaccio?style=flat&logo=opencollective&label=Join%20Backers&color=cd4000)](https://opencollective.com/verdaccio/contribute) [![Sponsors](https://img.shields.io/opencollective/sponsors/verdaccio?style=flat&logo=opencollective&label=Sponsor%20Us&color=cd4000)](https://opencollective.com/verdaccio/contribute) [![Verdaccio Downloads](https://img.shields.io/npm/dm/verdaccio?style=flat&logo=npm&label=Npm%20Downloads&color=lightgrey)](https://www.npmjs.com/package/verdaccio) [![Docker Pulls](https://img.shields.io/docker/pulls/verdaccio/verdaccio?style=flat&logo=docker&label=Docker%20Pulls&color=lightgrey)](https://hub.docker.com/r/verdaccio/verdaccio) [![GitHub Stars](https://img.shields.io/github/stars/verdaccio?style=flat&logo=github&label=GitHub%20Stars%20%E2%AD%90&color=lightgrey)](https://github.com/verdaccio/verdaccio/stargazers) > **Note:** This package is mostly for internal use by Verdaccio and is only intended to be used with Verdaccio 6.x. ## Overview The `@verdaccio/signature` package handles cryptographic signing and verification of JWT tokens, as well as legacy AES encryption/decryption for Verdaccio authentication tokens. ## Installation ```bash npm install @verdaccio/signature ``` ## Usage ```typescript import { aesDecrypt, aesEncrypt, signPayload, verifyPayload } from '@verdaccio/signature'; // Sign a JWT token const token = await signPayload(remoteUser, secret, { expiresIn: '7d' }); // Verify a JWT token const payload = verifyPayload(token, secret); // AES encryption/decryption const encrypted = aesEncrypt(Buffer.from('value'), 'secret-key'); const decrypted = aesDecrypt(encrypted, 'secret-key'); ``` ### API - **`signPayload(payload, secret, options)`** - Signs a `RemoteUser` payload into a JWT token - **`verifyPayload(token, secret)`** - Verifies and decodes a JWT token - **`aesEncrypt(value, key)`** - Encrypts strings using AES-256-CTR - **`aesDecrypt(value, key)`** - Decrypts AES-encrypted strings - **`parseBasicPayload(credentials)`** - Parses basic auth credentials ## Donations Verdaccio is run by **volunteers**; nobody is working full-time on it. If you find this project to be useful and would like to support its development, consider making a donation - **your logo might end up in this readme.** 😉 **[Donate](https://opencollective.com/verdaccio)** 💵👍🏻 starting from _\$1/month_ or just one single contribution. ## Report a vulnerability If you want to report a security vulnerability, please follow the steps which we have defined for you in our [security policy](https://github.com/verdaccio/verdaccio/security/policy). ## Open Collective Sponsors Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/verdaccio/contribute)] [![sponsor](https://opencollective.com/verdaccio/sponsor/0/avatar.svg)](https://opencollective.com/verdaccio/sponsor/0/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/1/avatar.svg)](https://opencollective.com/verdaccio/sponsor/1/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/2/avatar.svg)](https://opencollective.com/verdaccio/sponsor/2/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/3/avatar.svg)](https://opencollective.com/verdaccio/sponsor/3/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/4/avatar.svg)](https://opencollective.com/verdaccio/sponsor/4/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/5/avatar.svg)](https://opencollective.com/verdaccio/sponsor/5/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/6/avatar.svg)](https://opencollective.com/verdaccio/sponsor/6/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/7/avatar.svg)](https://opencollective.com/verdaccio/sponsor/7/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/8/avatar.svg)](https://opencollective.com/verdaccio/sponsor/8/website) [![sponsor](https://opencollective.com/verdaccio/sponsor/9/avatar.svg)](https://opencollective.com/verdaccio/sponsor/9/website) ## Open Collective Backers Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/verdaccio/contribute)] [![backers](https://opencollective.com/verdaccio/backers.svg?width=890)](https://opencollective.com/verdaccio/contributes) ## Special Thanks Thanks to the following companies to help us to achieve our goals providing free open source licenses. [![jetbrains](https://github.com/verdaccio/verdaccio/blob/master/assets/thanks/jetbrains/logo.jpg?raw=true)](https://www.jetbrains.com/) [![crowdin](https://github.com/verdaccio/verdaccio/blob/master/assets/thanks/crowdin/logo.png?raw=true)](https://crowdin.com/) ## Contributors This project exists thanks to all the people who contribute. [[Contribute](https://github.com/verdaccio/verdaccio/blob/master/CONTRIBUTING.md)]. [![contributors](https://opencollective.com/verdaccio/contributors.svg?width=890&button=true)](https://github.com/verdaccio/verdaccio/graphs/contributors) ## FAQ / Contact / Troubleshoot If you have any issue you can try the following options. Do not hesitate to ask or check our issues database. Perhaps someone has asked already what you are looking for. - [Blog](https://verdaccio.org/blog/) - [Donations](https://opencollective.com/verdaccio) - [Reporting an issue](https://github.com/verdaccio/verdaccio/blob/master/CONTRIBUTING.md#reporting-a-bug) - [Running discussions](https://github.com/orgs/verdaccio/discussions) - [Chat](https://discord.com/channels/388674437219745793) - [Logos](https://verdaccio.org/docs/logo) - [Docker Examples](https://github.com/verdaccio/verdaccio/tree/master/docker-examples) - [FAQ](https://github.com/verdaccio/verdaccio/issues?utf8=%E2%9C%93&q=is%3Aissue%20label%3Aquestion%20) ## License Verdaccio is [MIT licensed](https://github.com/verdaccio/verdaccio/blob/master/LICENSE) The Verdaccio documentation and logos (excluding /thanks, e.g., .md, .png, .sketch files within the /assets folder) are [Creative Commons licensed](https://creativecommons.org/licenses/by/4.0/).