UNPKG

auth-vir

Version:

Auth made easy and secure via JWT cookies, CSRF tokens, and password hashing helpers.

github.com/electrovir/auth-vir

electrovir/auth-vir

45 lines (44 loc) 1.53 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
/** * The keys required to sign and encrypt the JWT in their raw form for storage in a secure secrets * database (such as AWS Secrets Manager) for later parsing by {@link parseJwtKeys}. * * These keys should be kept secret and never shared with any frontend, client, etc. * * @category Internal */ export type RawJwtKeys = Readonly<{ encryptionKey: string; signingKey: string; }>; /** * The keys required to sign and encrypt the JWT. * * These keys should be kept secret and never shared with any frontend, client, etc. * * @category Internal */ export type JwtKeys = Readonly<{ /** * Encryption key for JWTs. This is a Uint8Array because `EncryptJWT.encrypt` does not support * `CryptoKey` for our chosen encryption algorithm. */ encryptionKey: Readonly<Uint8Array>; /** Signing key for JWTs. */ signingKey: Readonly<CryptoKey>; }>; /** * Generate fresh and serialized JWT signing and encryption keys. These should be stored in a secure * secrets database (such as AWS Secrets Manager) for later parsing by {@link parseJwtKeys}. * * These keys should be kept secret and never shared with any frontend, client, etc. * * @category Keys */ export declare function generateNewJwtKeys(): Promise<RawJwtKeys>; /** * Parses an instance of {@link RawJwtKeys} and produces the final {@link JwtKeys} object required by * all authentication functionality. * * @category Keys */ export declare function parseJwtKeys(rawKeys: Readonly<RawJwtKeys>): Promise<Readonly<JwtKeys>>;