secure-auth-utils
v1.0.6
Published
SecureAuth is a comprehensive Node.js package that provides easy-to-use utilities for authentication and security-related tasks. It includes functions for generating and verifying JWT tokens, hashing passwords securely, and refreshing authentication token
Downloads
28
Maintainers
Readme
secure-auth-utils
SecureAuth is a comprehensive Node.js package that provides easy-to-use utilities for authentication and security-related tasks. It includes functions for generating and verifying JWT tokens, hashing passwords securely, and refreshing authentication tokens. With SecureAuth, developers can quickly implement secure authentication mechanisms in their Node.js applications, ensuring the integrity and confidentiality of user data.
Installation
You can install this package via npm:
npm install secure-auth-utils jsonwebtoken
yarn add secure-auth-utils jsonwebtoken
Usage
Generating a Token
const { generateToken } = require('secure-auth-utils');
// Generate a token
const token = generateToken({
data: { userId: 123 },
tokenSecret: 'your-secret-key'
});
console.log('Generated Token:', token);
Decoding a Token
const { decodedToken } = require('secure-auth-utils');
// Decode a token
const decodedData = decodedToken({
token: 'your-encoded-token',
tokenSecret: 'your-secret-key'
});
console.log('Decoded Data:', decodedData);
Refreshing a Token
expiresIn : Eg: 60, "2 days", "10h", "7d"
const { refreshTokenEncoded } = require('secure-auth-utils');
// Refresh a token with hashed password
const refreshedToken = refreshTokenEncoded({
hashedPass: 'your-hashed-password',
data: { userId: 123 },
expiresIn: '7 days',
tokenSecret: 'your-secret-key'
});
console.log('Refreshed Token:', refreshedToken);
const getRefreshToken = refreshTokenEncoded({
data:{email:"[email protected]", role: 'user',},
hashedPass: hashedPass,
expiresIn: '7 days',
tokenSecret: 'your-secret-key'
})
NB: Recommend you use hashedPass (hash) for extra security . 🤫🤐🔐..
const tokenDecode = await decodedToken({
token: ref_tkn,
tokenSecret: process.env.USER_REFRESH_TOKEN
});
if (tokenDecode.success) {
const { data, sessionToken, role } = tokenDecode?.data
// if use hashedPass then you get sessionToken;
const getSalt = sessionToken?.split('####')?.[0];
const getHash = sessionToken?.split('####')?.[1];
//check hashed
// make sure encoding, algorithm are same
const check = passwordHashing({salt: getSalt,hash: hashedPass}).hash == getHash;
// code execute
}
else{
// code execute
}
Hashing a Password
const { passwordHashing } = require('secure-auth-utils');
// Hash a password
const hashedPassword = passwordHashing({
password: 'your-password',
salt: 'your-salt',
algorithm: 'sha256',
encoding: 'base64'
});
console.log('Hashed Password:', hashedPassword.hash);
Checking Password
const { checkPassword } = require('secure-auth-utils');
// Check if password matches hash
const isMatch = checkPassword({
salt: 'your-salt',
hash: 'your-hashed-password',
password: 'your-password'
});
console.log('Password Match:', isMatch);
API Reference
generateToken(options)
Generates a JWT token.
options
(object):data
(object): The data payload to be included in the token.tokenSecret
(string): The secret key used for token generation.expiresIn
(string): The expiration time for the token (optional, defaults to '24h').algorithm
(string): The signing algorithm to be used (optional, defaults to "HS256").
Returns an object containing the generated token and success status.
decodedToken(options)
Decodes a JWT token.
options
(object):tokenSecret
(string): The secret key used for token verification.token
(string): The JWT token to be decoded.
Returns an object containing the decoded data and success status.
refreshTokenEncoded(options)
Refreshes a token encoded.
options
(object):hashedPass
(string): The hashed password (optional).data
(object): Additional data to be included in the token.expiresIn
(string): The expiration time for the token (optional).tokenSecret
(string): The secret key used for token generation.
Returns the refreshed token or null if hashedPass is not provided.
passwordHashing(options)
Hashes a password.
options
(object):salt
(string): The salt used for hashing (optional, autogenerated if not provided).password
(string): The password to be hashed.algorithm
(string): The hashing algorithm to be used (optional, defaults to SHA256).encoding
(string): The encoding format for the hash (optional, defaults to 'base64').
Returns an object containing the salt, success status, and hashed password.
checkPassword(options)
Checks if a password matches the hashed value.
options
(object):salt
(string): The salt used for hashing.hash
(string): The hashed password to be checked.password
(string): The password to be validated.
Returns true if the password matches the hash, false otherwise.
Replace Your Package Name
with the actual name of your package and secure-auth-utils
with the npm package name. Also, make sure to update the function examples with relevant data and keys.