last-shield
Version:
Last-Shield is a powerful and flexible security library designed to enhance the protection of your web applications.
47 lines (46 loc) • 2 kB
JavaScript
;
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
var _a;
Object.defineProperty(exports, "__esModule", { value: true });
exports.storeToken = exports.refreshToken = exports.generateToken = exports.hasRole = exports.verifyToken = void 0;
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
const store_1 = require("./store");
const zustand_1 = require("zustand");
const SECRET_KEY = String((_a = process === null || process === void 0 ? void 0 : process.env) === null || _a === void 0 ? void 0 : _a.NEXT_PUBLIC_LAST_SECRET_KEY);
const verifyToken = (token) => {
try {
const decoded = jsonwebtoken_1.default.verify(token, SECRET_KEY);
const userData = {
account_no: decoded.account_no || null,
user_role: decoded.user_role || null,
};
return { valid: true, decoded: userData };
}
catch (error) {
return { valid: false, error: error === null || error === void 0 ? void 0 : error.message };
}
};
exports.verifyToken = verifyToken;
const hasRole = (decodedToken, requiredRole) => {
return decodedToken && decodedToken.user_role === requiredRole;
};
exports.hasRole = hasRole;
const generateToken = (userData) => {
return jsonwebtoken_1.default.sign(userData, SECRET_KEY, { expiresIn: '1h' });
};
exports.generateToken = generateToken;
const refreshToken = (oldToken) => {
const { valid, decoded } = (0, exports.verifyToken)(oldToken);
if (valid) {
return (0, exports.generateToken)({ account_no: decoded === null || decoded === void 0 ? void 0 : decoded.account_no, user_role: decoded === null || decoded === void 0 ? void 0 : decoded.user_role });
}
return null;
};
exports.refreshToken = refreshToken;
const storeToken = (token) => {
const { setLastToken } = (0, zustand_1.useStore)(store_1.useLastTokenStore);
setLastToken(token);
};
exports.storeToken = storeToken;