UNPKG

secure-link

Version:

Functions to generate and validate resource access tokens.

github.com/chrisself/secure-link

chrisself/secure-link

41 lines (31 loc) 937 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
const { createHash } = require('crypto'); const errors = require('../utils/errors'); /** * Generate token to validate access to a secure resource * @param {Object} options Configuration for token generation * @return {Object} Token and expiration params (if generated) */ const generateNginxAccessToken = (options = {}) => { const { secret, path, lifetime } = options; if (!secret) { throw new Error(errors.missingSecret); } if (!path) { throw new Error(errors.missingResourcePath); } // Expression based on ngx_http_secure_link_module const expires = lifetime ? lifetime : ''; const data = `${path}${expires} ${secret}`; // Match secure_link_md5 directive const hash = createHash('md5').update(data).digest(); return Buffer.from(hash) .toString('base64') .replace(/\//g, '_') .replace(/=/g, '') .replace(/\+/g, '-'); }; module.exports = generateNginxAccessToken;