mirror of
https://github.com/umami-software/umami.git
synced 2026-02-20 04:25:39 +01:00
add auth-code
This commit is contained in:
parent
f5ec637cfa
commit
f9fd938863
6 changed files with 93 additions and 16 deletions
|
|
@ -5,16 +5,20 @@ import { JWT, JWE, JWK } from 'jose';
|
|||
import { startOfMonth } from 'date-fns';
|
||||
|
||||
const SALT_ROUNDS = 10;
|
||||
const KEY = JWK.asKey(Buffer.from(secret()));
|
||||
const KEY = key();
|
||||
const ROTATING_SALT = hash(startOfMonth(new Date()).toUTCString());
|
||||
const CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
|
||||
|
||||
export function key(value) {
|
||||
return JWK.asKey(Buffer.from(secret(value)));
|
||||
}
|
||||
|
||||
export function hash(...args) {
|
||||
return crypto.createHash('sha512').update(args.join('')).digest('hex');
|
||||
}
|
||||
|
||||
export function secret() {
|
||||
return hash(process.env.HASH_SALT || process.env.DATABASE_URL);
|
||||
export function secret(secret = process.env.HASH_SALT || process.env.DATABASE_URL) {
|
||||
return hash(secret);
|
||||
}
|
||||
|
||||
export function salt() {
|
||||
|
|
@ -51,23 +55,23 @@ export async function createToken(payload) {
|
|||
return JWT.sign(payload, KEY);
|
||||
}
|
||||
|
||||
export async function parseToken(token) {
|
||||
export async function parseToken(token, key = KEY) {
|
||||
try {
|
||||
return JWT.verify(token, KEY);
|
||||
return JWT.verify(token, key);
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
export async function createSecureToken(payload) {
|
||||
return JWE.encrypt(await createToken(payload), KEY);
|
||||
export async function createSecureToken(payload, key = KEY) {
|
||||
return JWE.encrypt(await createToken(payload), key);
|
||||
}
|
||||
|
||||
export async function parseSecureToken(token) {
|
||||
export async function parseSecureToken(token, key = KEY) {
|
||||
try {
|
||||
const result = await JWE.decrypt(token, KEY);
|
||||
const result = await JWE.decrypt(token, key);
|
||||
|
||||
return parseToken(result.toString());
|
||||
return parseToken(result.toString(), key);
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue