UNPKG

auth-vir

Version:

Auth made easy and secure via JWT cookies, CSRF tokens, and password hashing helpers.

github.com/electrovir/auth-vir

electrovir/auth-vir

65 lines (64 loc) 2.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
import { type PartialWithUndefined } from '@augment-vir/common'; import { type AnyDuration } from 'date-vir'; import { type Primitive } from 'type-fest'; import { type CreateJwtParams, type ParseJwtParams } from './jwt.js'; import { type UserJwtData } from './user-jwt.js'; /** * Parameters for {@link generateAuthCookie}. * * @category Internal */ export type CookieParams = { /** * The origin of the host (backend) service that cookies will be included in all requests to. * This should be restricted to just your host (backend) origin for security purposes. * * @example 'https://www.example.com' */ hostOrigin: string; /** * The max duration of this cookie. Or, in other words, the max user session duration before * they're logged out. */ cookieDuration: AnyDuration; /** * All JWT parameters required for generating the encrypted JWT that will be embedded in the * Cookie. Note that all JWT keys contained herein should never shared with any frontend, * client, etc. */ jwtParams: Readonly<CreateJwtParams>; cookieName?: string; } & PartialWithUndefined<{ /** * Is set to `true` (which should only be done in development environments), the cookie will be * allowed in insecure requests (non HTTPS requests). * * @default false */ isDev: boolean; }>; /** * Generate a secure cookie that stores the user JWT data. Used in host (backend) code. * * @category Internal */ export declare function generateAuthCookie(userJwtData: Readonly<UserJwtData>, cookieConfig: Readonly<CookieParams>): Promise<string>; /** * Generate a cookie value that will clear the previous auth cookie. Use this when signing out. * * @category Internal */ export declare function clearAuthCookie(cookieConfig: Readonly<Pick<CookieParams, 'cookieName' | 'hostOrigin' | 'isDev'>>): string; /** * Generate a cookie string from a raw set of parameters. * * @category Internal */ export declare function generateCookie(params: Readonly<Record<string, Exclude<Primitive, symbol>>>): string; /** * Extract an auth cookie from a cookie string. Used in host (backend) code. * * @category Internal * @returns The extracted auth Cookie JWT data or `undefined` if no valid auth JWT data was found. */ export declare function extractCookieJwt(rawCookie: string, jwtParams: Readonly<ParseJwtParams>, cookieName?: string): Promise<undefined | UserJwtData>;