47 lines
1.2 KiB
TypeScript
47 lines
1.2 KiB
TypeScript
import * as crypto from 'crypto';
|
|
import * as jwt from 'jsonwebtoken';
|
|
|
|
export interface AccessTokenPayload {
|
|
sub: string;
|
|
email: string;
|
|
role: string;
|
|
type: 'access';
|
|
}
|
|
|
|
export interface RefreshTokenPayload {
|
|
sub: string;
|
|
type: 'refresh';
|
|
}
|
|
|
|
export function signAccessToken(
|
|
payload: Omit<AccessTokenPayload, 'type'>,
|
|
secret: string,
|
|
expiresIn: string,
|
|
): string {
|
|
return jwt.sign({ ...payload, type: 'access' }, secret, { expiresIn } as any);
|
|
}
|
|
|
|
export function signRefreshToken(
|
|
payload: Omit<RefreshTokenPayload, 'type'>,
|
|
secret: string,
|
|
expiresIn: string,
|
|
): string {
|
|
return jwt.sign({ ...payload, type: 'refresh' }, secret, { expiresIn } as any);
|
|
}
|
|
|
|
export function verifyAccessToken(token: string, secret: string): AccessTokenPayload {
|
|
return jwt.verify(token, secret) as AccessTokenPayload;
|
|
}
|
|
|
|
export function verifyRefreshToken(token: string, secret: string): RefreshTokenPayload {
|
|
return jwt.verify(token, secret) as RefreshTokenPayload;
|
|
}
|
|
|
|
export function hashToken(raw: string): string {
|
|
return crypto.createHash('sha256').update(raw).digest('hex');
|
|
}
|
|
|
|
export function generateRawToken(): string {
|
|
return crypto.randomBytes(48).toString('hex');
|
|
}
|