gm5
/
jwt
1
0
Fork 0
Code Issues Pull Requests Wiki Activity

更新导出结构; 增加index.d.ts声明

master
yutent 2025-01-06 10:52:59 +08:00
parent f0058ae87b
commit 7e29408bdf
3 changed files with 86 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
index.d.ts vendored
View File

@ -1,27 +1,21 @@
import Request from '@gm5/request'
import Response from '@gm5/response'
declare module '@gm5/jwt' {
//
interface JwtConfig {
secret: string
ttl?: number
level?: number
secret: string
}
interface JwtModule {
name: string
install(conf?: JwtConfig): {
interface JwtInstance {
ttl: number
sign(data: object, secret: string): string
verify(token: string, secret: string): object | false
}
interface JwtModule {
name: 'jwt'
install(conf?: JwtConfig): JwtInstance
}
export const JwtModule: JwtModule
export function createJwt(): (
req: Request,
res: Response,
next: () => void
) => void
export function createJwt(): JwtModule
}

117
index.js
View File

@ -18,64 +18,7 @@ function hmac_base64(str, secret) {
return base64encode(buf, true)
}
export const JwtModule = {
name: 'jwt',
install(conf = {}) {
if (!conf.secret) {
console.warn(
new Error(
'You must set a `secret` key for jwt, or it will use the default key.'
)
)
}
let jwt = Object.assign({}, DEFAULT_CONFIG, conf)
this.set({ jwt })
return {
ttl: jwt.ttl,
// 签名, 返回token
// header: base64("{"typ":"JWT","alg":"HS256"}")
// 这里固定使用sha256
sign(data, secret) {
// 加入过期时间,
let payload = { data, expires: Date.now() + this.ttl * 1000 }
let token = ''
payload = base64encode(JSON.stringify(payload), true)
token = hmac_base64(`${HS256_HEADER}.${payload}`, secret)
return `${HS256_HEADER}.${payload}.${token}`
},
// 校验token
verify(token = '', secret) {
let jwt = token.split('.')
let auth, payload
if (jwt.length !== 3) {
return false
}
auth = jwt.pop()
payload = JSON.parse(base64decode(jwt[1], true))
// 如果已经过期, 则不再校验hash
if (payload.expires < Date.now()) {
return false
}
if (hmac_base64(jwt.join('.'), secret) === auth) {
return payload.data
}
return false
}
}
}
}
export function createJwt() {
return function (req, res, next) {
function JwtMiddleware(req, res, next) {
let { secret, level } = this.get('jwt')
let deviceID = ''
let ssid
@ -103,4 +46,62 @@ export function createJwt() {
next()
}
export function createJwt() {
return {
name: 'jwt',
install(conf = {}) {
if (!conf.secret) {
console.warn(
new Error(
'You must set a `secret` key for jwt, or it will use the default key.'
)
)
}
let jwt = Object.assign({}, DEFAULT_CONFIG, conf)
this.set({ jwt })
this.use(JwtMiddleware)
return {
ttl: jwt.ttl,
// 签名, 返回token
// header: base64("{"typ":"JWT","alg":"HS256"}")
// 这里固定使用sha256
sign(data, secret) {
// 加入过期时间,
let payload = { data, expires: Date.now() + this.ttl * 1000 }
let token = ''
payload = base64encode(JSON.stringify(payload), true)
token = hmac_base64(`${HS256_HEADER}.${payload}`, secret)
return `${HS256_HEADER}.${payload}.${token}`
},
// 校验token
verify(token = '', secret) {
let jwt = token.split('.')
let [_, payload, auth] = jwt
if (jwt.length !== 3) {
return false
}
payload = JSON.parse(base64decode(payload, true))
// 如果已经过期, 则不再校验hash
if (payload.expires < Date.now()) {
return false
}
if (hmac_base64(jwt.join('.'), secret) === auth) {
return payload.data
}
return false
}
}
}
}
}

2
package.json
View File

@ -1,6 +1,6 @@
{
"name": "@gm5/jwt",
"version": "2.0.3",
"version": "3.0.0",
"type": "module",
"description": "json web token",
"main": "index.js",