commit 1628dee06694dc694d656b250b71e3d3e133f39c Author: 宇天 Date: Thu Sep 17 19:11:10 2020 +0800 init diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ba04381 --- /dev/null +++ b/.gitignore @@ -0,0 +1,11 @@ + +.Spotlight-V100 +.Trashes +.DS_Store +.AppleDouble +.LSOverride +._* +.idea +.vscode + +node_modules diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..ab60297 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2018 + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/Readme.md b/Readme.md new file mode 100644 index 0000000..77191b0 --- /dev/null +++ b/Readme.md @@ -0,0 +1,12 @@ +![module info](https://nodei.co/npm/@gm5/controller.png?downloads=true&downloadRank=true&stars=true) + +# @gm5/controller + +> 控制器基类。 + +## 安装 + +```bash +npm install @gm5/controller +``` + diff --git a/index.js b/index.js new file mode 100644 index 0000000..13b3216 --- /dev/null +++ b/index.js @@ -0,0 +1,62 @@ +/** + * json web token + * @author yutent + * @date 2020/09/16 17:23:52 + */ + +import crypto from 'crypto.js' +import { base64encode, base64decode } from 'crypto.js' + +function hmac(str, secret) { + var buf = crypto.hmac('sha256', str, secret, 'buffer') + return base64encode(buf, true) +} + +export default class Jwt { + constructor(expires, secret) { + this.expires = expires + this.secret = secret + } + + // 签名, 返回token + sign(data) { + // header: base64("{"typ":"JWT","alg":"HS256"}") + // 这里固定使用sha256, + var header = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9' + var { expires, secret } = this + + // 加入过期时间, 同session.ttl + var payload = { data, expires: Date.now() + expires * 1000 } + var auth_str = '' + + payload = JSON.stringify(payload) + payload = base64encode(payload, true) + auth_str = hmac(`${header}.${payload}`, secret) + + return [header, payload, auth_str].join('.') + } + + // 校验token + verify(token) { + var { secret } = this + var jwt = token.split('.') + var auth_str, payload + + if (jwt.length !== 3) { + return false + } + auth_str = jwt.pop() + payload = JSON.parse(base64decode(jwt[1], true)) + + // 如果已经过期, 则不再校验hash + if (payload.expires < Date.now()) { + return 'expired' + } + + if (hmac(jwt.join('.'), secret) === auth_str) { + return payload.data + } + + return false + } +} diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 0000000..0932734 --- /dev/null +++ b/package-lock.json @@ -0,0 +1,13 @@ +{ + "name": "@gm5/jwt", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "crypto.js": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/crypto.js/-/crypto.js-2.0.1.tgz", + "integrity": "sha512-QUN3MEai0qwgFRj9jYY0V8O5ssJwLmSrxlYUVrsryx3UlgIiDQaCsM4613WGv0dKHoHtIozoJTTSYDJHR8xAtw==" + } + } +} diff --git a/package.json b/package.json new file mode 100644 index 0000000..59008ad --- /dev/null +++ b/package.json @@ -0,0 +1,14 @@ +{ + "name": "@gm5/jwt", + "version": "1.0.0", + "type": "module", + "description": "JSON WEB TOKEN", + "main": "index.js", + "author": "yutent", + "keywords": ["fivejs", "jwt", "http"], + "repository": "https://github.com/bytedo/gmf.jwt.git", + "license": "MIT", + "dependencies": { + "crypto.js": "^2.0.1" + } +}