@mmdzov/pswd

v1.7.1

Published

2 years ago

**easy to encrypt/decrypt data with crypto-js**

Downloads

0High
0Medium
0Low

mmdzov

authorization authentication auth jwt jwt blacklist jsonwebtoken blacklist encryption

pswd

Validation, Authentication, Encryption. Simple and powerful

easy to encrypt/decrypt data with crypto-js

manage jsonwebtoken blacklists

You need a blacklist for more security in the tokens you created using jwt. When the user logs out of his account and if his token is still valid, he can copy and use it before leaving the account, but you can add his token to the blacklist after leaving the account, which can no longer be used .

requirement for jwt blacklist

-redis

install

npm i @mmdzov/pswd

Usage

Add Token to blacklist

const secret_key = "12345"
const ins = new Pswd(secret_key);
const client = await connect(); // return redis client
await ins.jwt.blacklist.config({ redisClient: client }).add("user_token"); // return boolean

Get list of blacklist

const client = await connect();
let result = await ins.jwt.blacklist.config({ redisClient: client }).getList(); //return array of object blacklist. like: [{ key: "BLACKLIST_TOKEN_3423473676", value: "TOKEN" }]

You can make the validation of your jwt tokens much easier, see the example below

const secret_key = "12345";

const pswd = new Pswd(secret_key);

const client = connect(); //? redis client . It does not matter if the result is a promise or not

const configured = pswd.jwt.blacklist.config({
  redisClient: client,
});

//* jwt checkpoint
const checkpoint = configured.auth(
  (result) => {
    if (result?.err) {
      return result.res?.json({
        ...result.err,
        message: "This token has already been blocked",
      }); //? Return a result when the token is blocked
      //? Prevent next operations
    }
    //? NOTE: There is no need to implement the next function because when the validation is confirmed, next runs behind the scenes
  },
  {
    token_key: "authorization", //? token key Header
  }
);

//* jwt auth
const auth = pswd.jwt.auth(
  (result) => {
    if (result.err?.type) {
      return result.res?.json({
        type: result.err.type,
      });
      //? Prevent next operations
    }
    console.log(result.data);
    //? NOTE: There is no need to implement the next function because when the validation is confirmed, next runs behind the scenes
  },
  {
    token_key: "authorization",
  }
);

app.use(checkpoint); //? Token checkpoint to check for blockage

app.use(auth);

You can also check the authorization and blacklist together and create a complete and simple checkpoint


const connect = () => {
  const client = createClient();
  client.on("error", (err) => console.log("Redis Client Error", err));
  await client.connect();
  return client;
}

const client = connect()
const secret_key = "12345";
const pswd = new Pswd(secret_key);

const config = {
  redisClient: client,
  token_key: "authorization",
};

const auto = pswd.jwt.auto(({ err, res }) => {
  if (err?.type) {
    return res.json({
      type: err?.type,
    });
  }
}, config);

app.use(auto);

Published

Vulnerabilities

Links

Maintainers

Keywords

Readme

pswd

Validation, Authentication, Encryption. Simple and powerful

requirement for jwt blacklist

You can make the validation of your jwt tokens much easier, see the example below

You can also check the authorization and blacklist together and create a complete and simple checkpoint