Switch to json web tokens.

2026-02-11 16:17:13 +01:00 · 2020-07-22 20:45:09 -07:00 · 2020-07-22 20:45:09 -07:00 · cb0c912c5b
commit cb0c912c5b
parent 5219582803
10 changed files with 202 additions and 86 deletions
--- a/lib/crypto.js
+++ b/lib/crypto.js
@ -1,31 +1,38 @@
 import crypto from 'crypto';
-import { v5 as uuid, v4 } from 'uuid';
-import Cryptr from 'cryptr';
+import { v5 } from 'uuid';
+import jwt from 'jsonwebtoken';
+import bcrypt from 'bcrypt';

 const UUID_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$/;

-const cryptr = new Cryptr(hash(process.env.HASH_SALT, process.env.DATABASE_URL));
-
-export function md5(s) {
-  return crypto.createHash('md5').update(s).digest('hex');
+export function sha256(...args) {
+  return crypto.createHash('sha256').update(args.join('')).digest('hex');
 }

-export function hash(...args) {
-  return uuid(args.join(''), md5(process.env.HASH_SALT));
+export function secret() {
+  return sha256(process.env.HASH_SALT);
 }

-export function validHash(s) {
+export function uuid(...args) {
+  return v5(args.join(''), v5(process.env.HASH_SALT, v5.DNS));
+}
+
+export function random(n = 64) {
+  return crypto.randomBytes(n).toString('hex');
+}
+
+export function isValidHash(s) {
  return UUID_REGEX.test(s);
 }

-export function encrypt(s) {
-  return cryptr.encrypt(s);
+export async function createToken(payload, options) {
+  return jwt.sign(payload, secret(), options);
 }

-export function decrypt(s) {
-  return cryptr.decrypt(s);
+export async function parseToken(token, options) {
+  return jwt.verify(token, secret(), options);
 }

-export function random() {
-  return v4();
+export function checkPassword(password, hash) {
+  return bcrypt.compare(password, hash);
 }