jwt-token-blacklist/lib/redis.js

A module based on jsonwebtoken package with blacklisting in redis or memory.

const jwt = require("jsonwebtoken")
const _ = require("lodash")
const redis = require("redis")
const promisify = require("util").promisify

const createRedisFilter = config => {
    let client = {}

    if (_.get(config, "store.client")) {
        client = _.get(config, "store.client")
    } else {
        return new Error("Redis client instance required")
    }

    const setAsync = promisify(client.set).bind(client)
    const getAsync = promisify(client.get).bind(client)

    const filter = {}
    filter.add = token => {
        if (!_.size(token)) {
            return Promise.reject("No token")
        }

        const decoded = jwt.decode(token)

        if (_.isNil(decoded.exp) || decoded.exp <= Math.floor(Date.now() / 1000)) {
            return Promise.reject("Expire time is missing or expired")
        }
        return setAsync(token, token, "EX", Math.floor(decoded.exp - Date.now() / 1000))
    }

    filter.check = token => {
        return new Promise((resolve, reject) => {
            getAsync(token)
                .then(checkRes => {
                    if (_.size(checkRes) && checkRes == token) {
                        reject("Token blacklisted!")
                    } else {
                        resolve("Token ok")
                    }
                })
                .catch(checkErr => reject(checkErr))
        })
    }

    return filter
}

module.exports = createRedisFilter