完成2.0版重构

v2
yutent 2023-10-31 18:37:08 +08:00
parent 458c2b403f
commit e2433cba13
2 changed files with 63 additions and 43 deletions


@ -7,55 +7,69 @@
import crypto from 'crypto.js' import crypto from 'crypto.js'
import { base64encode, base64decode, sha1 } from 'crypto.js' import { base64encode, base64decode, sha1 } from 'crypto.js'
const HS256_HEADER = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
const DEFAULT_CONFIG = {
ttl: 3600 * 24 * 7,
level: 0, // 校验级别, 0: 不校验客户端, 2: ua, 4: ip, 6: ua + ip
secret: 'it_is_secret_key' // jwt密钥, 使用时请修改
}
function hmac(str, secret) { function hmac(str, secret) {
var buf = crypto.hmac('sha256', str, secret, 'buffer') let buf = crypto.hmac('sha256', str, secret, 'buffer')
return base64encode(buf, true) return base64encode(buf, true)
} }
export function createJwtModule() { export const JwtModule = {
return { name: 'jwt',
name: 'jwt', install(conf = {}) {
install() { if (!conf.secret) {
return { console.warn(
// 签名, 返回token new Error(
sign(data, secret, ttl) { 'Please make sure to set the `secret` field, as the default value is not secure'
// header: base64("{"typ":"JWT","alg":"HS256"}") )
// 这里固定使用sha256, )
var header = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9' }
// 加入过期时间, let jwt = Object.assign({}, DEFAULT_CONFIG, conf)
var payload = { data, expires: Date.now() + ttl * 1000 } this.set({ jwt })
var auth_str = ''
payload = JSON.stringify(payload) return {
payload = base64encode(payload, true) ttl: jwt.ttl,
auth_str = hmac(`${header}.${payload}`, secret) // 签名, 返回token
// header: base64("{"typ":"JWT","alg":"HS256"}")
// 这里固定使用sha256
sign(data, secret) {
// 加入过期时间,
let payload = { data, expires: Date.now() + this.ttl * 1000 }
let token = ''
return [header, payload, auth_str].join('.') payload = base64encode(JSON.stringify(payload), true)
}, token = hmac(`${HS256_HEADER}.${payload}`, secret)
// 校验token return `${HS256_HEADER}.${payload}.${token}`
verify(token = '', secret) { },
var jwt = token.split('.')
var auth_str, payload
if (jwt.length !== 3) { // 校验token
return false verify(token = '', secret) {
} let jwt = token.split('.')
auth_str = jwt.pop() let auth, payload
payload = JSON.parse(base64decode(jwt[1], true))
// 如果已经过期, 则不再校验hash
if (payload.expires < Date.now()) {
return false
}
if (hmac(jwt.join('.'), secret) === auth_str) {
return payload.data
}
if (jwt.length !== 3) {
return false return false
} }
auth = jwt.pop()
payload = JSON.parse(base64decode(jwt[1], true))
// 如果已经过期, 则不再校验hash
if (payload.expires < Date.now()) {
return false
}
if (hmac(jwt.join('.'), secret) === auth) {
return payload.data
}
return false
} }
} }
} }
@ -63,9 +77,9 @@ export function createJwtModule() {
export function createJwt() { export function createJwt() {
return function (req, res, next) { return function (req, res, next) {
var { secret, level } = this.get('jwt') let { secret, level } = this.get('jwt')
var deviceID = '' let deviceID = ''
var ssid let ssid
// options请求不处理jwt // options请求不处理jwt
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
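Review bot: `install()` in the first hunk only warns when `conf.secret` is missing and then merges `DEFAULT_CONFIG`, so the module keeps running with the published key `it_is_secret_key`, and anyone who knows that value can produce tokens that `verify` accepts. Failing closed would be safer: replace the `console.warn(new Error(...))` with `throw new Error('jwt: secret must be set')` and drop `secret` from `DEFAULT_CONFIG`. In the same hunk, `verify` runs `JSON.parse(base64decode(jwt[1], true))` and the expiry check before the HMAC is checked, so a malformed token throws out of `verify` instead of returning `false` (unless a caller outside this view catches it); checking the HMAC first and parsing only after it matches, inside a `try`/`catch`, keeps unauthenticated input away from the parser. The comparison `hmac(jwt.join('.'), secret) === auth` is not constant-time; comparing equal-length buffers with `timingSafeEqual` from `node:crypto` removes the timing signal. The body of `createJwt` continues outside the second hunk, so how `secret` and `level` are used there is not visible here.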


@ -1,12 +1,18 @@
{ {
"name": "@gm5/jwt", "name": "@gm5/jwt",
"version": "1.1.0", "version": "2.0.0",
"type": "module", "type": "module",
"description": "json web token", "description": "json web token",
"main": "index.js", "main": "index.js",
"author": "yutent", "author": "yutent",
"keywords": ["fivejs", "jwt", "http"], "keywords": [
"repository": "https://github.com/bytedo/gmf.jwt.git", "fivejs",
"gm5",
"jwt",
"http",
"json_web_token"
],
"repository": "https://git.wkit.fun/gm5/jwt.git",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"crypto.js": "^2.0.1" "crypto.js": "^2.0.1"