next-auth
Authentication for Next.js
var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
// Babel interop marker: flags this CommonJS module as compiled from ES module syntax.
Object.defineProperty(exports, "__esModule", {
value: true
});
// Names this module exports itself. The ./types re-export loop further down
// checks this table so that a same-named export from ./types cannot replace them.
var _exportNames = {
encode: true,
decode: true,
getToken: true
};
// These assignments run before the function bodies appear in the file; that
// works because function declarations are hoisted. Do not reorder.
exports.encode = encode;
exports.decode = decode;
exports.getToken = getToken;
var _jose = require("jose");
var _hkdf = _interopRequireDefault(require("@panva/hkdf"));
var _uuid = require("uuid");
var _cookie = require("../core/lib/cookie");
var _types = require("./types");
// Re-export everything from ./types as live getters, skipping the interop
// keys, anything this module defines itself, and anything already exported
// with the identical value.
for (const exportName of Object.keys(_types)) {
  if (exportName === "default" || exportName === "__esModule") {
    continue;
  }
  if (Object.prototype.hasOwnProperty.call(_exportNames, exportName)) {
    continue;
  }
  if (exportName in exports && exports[exportName] === _types[exportName]) {
    continue;
  }
  Object.defineProperty(exports, exportName, {
    enumerable: true,
    get: () => _types[exportName]
  });
}
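// Default session lifetime: 30 days, expressed in seconds.
const DEFAULT_MAX_AGE = 30 * 24 * 60 * 60;

/**
 * Current Unix time in whole seconds.
 *
 * Uses Math.floor rather than `| 0`. The bitwise form coerces to a signed
 * 32-bit integer, so it wraps to a negative number once epoch seconds exceed
 * 2^31 - 1 (January 2038). Since this value feeds the token's `exp` claim,
 * a wrapped timestamp would yield tokens that are already expired on issue.
 *
 * @returns {number} Seconds since the Unix epoch, rounded down.
 */
const now = () => Math.floor(Date.now() / 1000);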
/**
 * Issue a session token as an encrypted JWT (JWE).
 *
 * The claims are encrypted with A256GCM using direct key agreement
 * (`alg: "dir"`): the key derived from `secret` is itself the
 * content-encryption key, so anyone holding `secret` can both read and mint
 * tokens. Each token gets `iat`, an `exp` of now + `maxAge` seconds, and a
 * random UUID `jti`.
 *
 * NOTE(review): `maxAge` is used as given; nothing here checks that it is a
 * positive number. The `jti` is set but nothing in this file records it, so
 * on its own it does not provide revocation.
 *
 * @param {object} params
 * @param {object} [params.token={}] Claims to place in the token.
 * @param {string|Uint8Array} params.secret Input keying material for the encryption key.
 * @param {number} [params.maxAge=DEFAULT_MAX_AGE] Lifetime in seconds.
 * @returns {Promise<string>} The compact JWE serialization.
 */
async function encode({
  token = {},
  secret,
  maxAge = DEFAULT_MAX_AGE
}) {
  const contentKey = await getDerivedEncryptionKey(secret);
  const protectedHeader = {
    alg: "dir",
    enc: "A256GCM"
  };
  const builder = new _jose.EncryptJWT(token)
    .setProtectedHeader(protectedHeader)
    .setIssuedAt()
    .setExpirationTime(now() + maxAge)
    .setJti((0, _uuid.v4)());
  const jwe = await builder.encrypt(contentKey);
  return jwe;
}
/**
 * Decrypt a session token and return its claims.
 *
 * A falsy `token` short-circuits to `null` without touching the secret.
 * Otherwise any failure inside jose's `jwtDecrypt` (bad key, tampered
 * ciphertext, expired token) propagates to the caller as a rejection;
 * nothing is caught here.
 *
 * NOTE(review): no `keyManagementAlgorithms` / `contentEncryptionAlgorithms`
 * are passed, so jose's defaults for this key decide which `alg`/`enc`
 * header values are accepted. Pinning them to what encode() emits
 * ("dir" / "A256GCM") would be a defence-in-depth tightening.
 *
 * @param {object} params
 * @param {string} [params.token] Compact JWE produced by encode().
 * @param {string|Uint8Array} params.secret Same secret that was used to encode.
 * @returns {Promise<object|null>} The decrypted claims, or null when no token was given.
 */
async function decode({
  token,
  secret
}) {
  if (!token) {
    return null;
  }
  const contentKey = await getDerivedEncryptionKey(secret);
  // Allow 15 seconds of clock skew when time-based claims are checked.
  const decryptOptions = {
    clockTolerance: 15
  };
  const decrypted = await (0, _jose.jwtDecrypt)(token, contentKey, decryptOptions);
  return decrypted.payload;
}
/**
 * Read the session token from the request cookies and return its claims.
 *
 * Security-relevant behaviour visible in this function:
 * - `secureCookie` defaults to true only when NEXTAUTH_URL is set and does
 *   not start with "http://"; it selects the `__Secure-` prefixed cookie name.
 * - With `raw` set, the cookie value is returned as-is: it has been neither
 *   decrypted nor validated, so treat it as untrusted input.
 * - `secret` is not read here; it reaches the decoder only through the
 *   `...params` spread. Because `params` is spread after `token`, a `token`
 *   key supplied by the caller would replace the cookie value.
 * - Every decoder error is swallowed and reported as `null`, so an invalid or
 *   expired token is indistinguishable from a missing or wrong secret.
 *
 * @param {object} params
 * @param {object} params.req Request exposing `cookies` and `headers`.
 * @param {boolean} [params.secureCookie] Whether to use the secure cookie name.
 * @param {string} [params.cookieName] Overrides the session cookie name.
 * @param {boolean} [params.raw] Return the undecoded cookie value.
 * @param {Function} [params.decode] Custom decoder; defaults to decode().
 * @param {object} [params.logger=console] Logger handed to the session store.
 * @returns {Promise<object|string|null>} Claims, the raw token, or null.
 * @throws {Error} When `req` is missing.
 */
async function getToken(params) {
  const settings = params == null ? {} : params;
  const {
    req,
    secureCookie = Boolean(process.env.NEXTAUTH_URL) && !process.env.NEXTAUTH_URL.startsWith("http://"),
    cookieName = secureCookie ? "__Secure-next-auth.session-token" : "next-auth.session-token",
    raw,
    decode: decodeToken = decode,
    logger = console
  } = settings;

  if (!req) {
    throw new Error("Must pass `req` to JWT getToken()");
  }

  const {
    cookies,
    headers
  } = req;
  const cookieConfig = {
    name: cookieName,
    options: {
      secure: secureCookie
    }
  };
  const sessionStore = new _cookie.SessionStore(cookieConfig, {
    cookies,
    headers
  }, logger);

  const sessionToken = sessionStore.value;
  if (!sessionToken) {
    return null;
  }
  if (raw) {
    return sessionToken;
  }

  try {
    const claims = await decodeToken({
      token: sessionToken,
      ...params
    });
    return claims;
  } catch (_ignored) {
    // Deliberate: any decode failure is treated as "no session".
    return null;
  }
}
/**
 * Derive the 32-byte token encryption key from the configured secret using
 * HKDF-SHA256 with an empty salt and a fixed info string.
 *
 * HKDF is a key-derivation step, not a password-stretching one: it adds no
 * brute-force cost, so `secret` should be a long random value rather than a
 * human-chosen passphrase. The empty salt and constant info string also mean
 * the same secret always yields the same key.
 *
 * @param {string|Uint8Array} secret Input keying material.
 * @returns {Promise<Uint8Array>} 32 bytes of key material (sized for A256GCM).
 */
async function getDerivedEncryptionKey(secret) {
  const digest = "sha256";
  const salt = "";
  const info = "NextAuth.js Generated Encryption Key";
  const keyLength = 32;
  const derivedKey = await (0, _hkdf.default)(digest, secret, salt, info, keyLength);
  return derivedKey;
}
;