Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/nhz-io/nhz-io-jwt-hs256-proxy-auth-token
https://github.com/nhz-io/nhz-io-jwt-hs256-proxy-auth-token
Last synced: 3 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/nhz-io/nhz-io-jwt-hs256-proxy-auth-token
- Owner: nhz-io
- License: mit
- Created: 2017-11-10T20:36:58.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2017-11-10T23:48:31.000Z (about 7 years ago)
- Last Synced: 2024-05-02T02:19:30.656Z (8 months ago)
- Language: CoffeeScript
- Size: 6.84 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.litcoffee
- License: LICENSE
Awesome Lists containing this project
README
# CouchDB ProxyAuth JWT HS256 Token generator
[![Travis Build][travis]](https://travis-ci.org/nhz-io/nhz-io-jwt-hs256-proxy-auth-token)
[![NPM Version][npm]](https://www.npmjs.com/package/@nhz.io/jwt-hs256-proxy-auth-token)> Generate JWT tokens with payload for CouchDB ProxyAuth (with expiration)
## Install
```bash
npm i @nhz.io/jwt-hs256-proxy-auth-token
```## Usage
```js
const jwt = require('@nhz.io/jwt-hs256-proxy-auth-token')const DURATION = 120 // seconds. Default.
token = jwt('secret', 'user', ['role1', 'role2'], DURATION)
```## Verified token example
> This is what the token will look like after successful verification with [jsonwebtoken][]
```json
{
"exp": 1510356100,
"iat": 1510356220,
"data": {
"user": "username",
"roles": ["role1", "role2"]
}
}
```### Imports
jwt = require 'jsonwebtoken'
### Generate token
> Curry to allow reuse
generate = (secret) -> (user) -> (roles, duration) ->
> Sanity
throw Error 'Invalid secret' unless secret and typeof secret is 'string'
throw Error 'Invalid user' unless user and typeof user is 'string'
> Roles should be array of strings
roles ?= []
throw Error 'Invalid roles' unless Array.isArray roles
throw Error 'Invalid roles' if (roles.filter (r) -> not r or typeof r isnt 'string').length
> Default duration is 120 seconds
duration ?= 120
> Max duration is one hour
throw Error 'Invalid duration' if (isNaN duration) or duration > 3600
> Sign the token
jwt.sign { data: { user, roles }, exp: Math.floor Date.now() / 1000 + duration }, secret
### API Wrapper
> Wrapper to allow calling both curried and full arguments
jwtHS256ProxyAuthToken = (secret, user, roles, duration) ->
> Start curried
token = generate secret
> Complete invocation or return curried generator
token = if user then token user else token
if roles then token roles, duration else token
### Exports
module.exports = jwtHS256ProxyAuthToken
## Test
assert = require 'assert'
> Test curry
assert.ok typeof (jwtHS256ProxyAuthToken 'secret') is 'function'
assert.ok typeof (jwtHS256ProxyAuthToken 'secret')('user') is 'function'
assert.ok typeof (jwtHS256ProxyAuthToken 'secret')('user')([]) is 'string'
> Test validation
jwtHS256ProxyAuthToken()
assert.throws (-> jwtHS256ProxyAuthToken()()()), /Invalid secret/
assert.throws (-> jwtHS256ProxyAuthToken(1)()()), /Invalid secret/
assert.throws (-> jwtHS256ProxyAuthToken('secret')()()), /Invalid user/
assert.throws (-> jwtHS256ProxyAuthToken('secret')(1)()), /Invalid user/
assert.throws (-> jwtHS256ProxyAuthToken('secret')('user')('foo')), /Invalid roles/
assert.throws (-> jwtHS256ProxyAuthToken('secret')('user')([1])), /Invalid roles/
assert.throws (-> jwtHS256ProxyAuthToken('secret')('user')([undefined])), /Invalid roles/
assert.throws (-> jwtHS256ProxyAuthToken('secret')('user')([''])), /Invalid roles/
assert.throws (-> jwtHS256ProxyAuthToken('secret')('user')([], 3601)), /Invalid duration/
> Test token
token = jwtHS256ProxyAuthToken 'secret', 'foo', ['users', 'foos']
assert.ok jwt.verify token, 'secret'
> Test bad secret
assert.throws (-> jwt.verify token, 'bad-secret'), /invalid signature/
> Test payload
assert.deepEqual { user: 'foo', roles: ['users', 'foos'] }, (jwt.verify token, 'secret').data
> Test expiration
token = jwtHS256ProxyAuthToken 'secret', 'foo', ['users', 'foos'], -1
assert.throws (-> jwt.verify token, 'secret'), /jwt expired/
console.log 'pass'
## Version 1.0.0
## License [MIT](LICENSE)
[jsonwebtoken]: https://github.com/auth0/node-jsonwebtoken
[travis]: https://img.shields.io/travis/nhz-io/nhz-io-jwt-hs256-proxy-auth-token.svg?style=flat
[npm]: https://img.shields.io/npm/v/@nhz.io/jwt-hs256-proxy-auth-token.svg?style=flat