sf-token
v2.0.0
Published
Service for creating and checking temporary tokens.
Downloads
250
Readme
sf-token
Service for creating and checking temporary tokens.
Usage
import TokenService from 'sf-token';
import createObjectId from 'mongodb/objectid';
// Create a token service instance
let tokenService = new TokenService({
uniqueId: createObjectId,
secret: 'mysecret',
});
// create a token: the content may be any JSON serializable data
let endOfLife = Date.now() + 36000;
let {hash, ...envelope} = Service.createToken({
method: 'GET',
uri: '/user/abbacacaabbacacaabbacaca/subscriptions/report_received',
}, endOfLife);
// `hash` is for the client, you'll need it and `_id` to check the token
// validity
// `envelope` contains the token id (`_id` key), its validity (`endOfLife` key)
// and the given contents (`contents` key), you can store it as is in your
// database
// when the user connect to a uri
myApp.get('/tokens/:_id?hash=:hash', (req, res, next) {
getFromDb(req._id)
.then((envelope) => {
tokenService.checkToken(envelope, req.hash);
// Accept access (redirection may be based on the `envelope` contents )
}).catch((err) => {
// Refuse access
});
});
Note that this only verify the hash and its validity regarding to the current time. You'll have to manage persistence yourself.
Modules
- TokenService
- new TokenService()
- .createToken ⇒ Object
- .checkToken ⇒ void
- .createHash ⇒ String
new TokenService()
Create a new TokenService instance
Returns: Object - A TokenService instance
Throws:
- YError(E_BAD_SECRET) If there is no secret given
- YError(E_NO_ID_GENERATOR) If there is no id generator available
- YError(E_BAD_TIME) If the given time function is not right
- YError(E_BAD_ALGORITHM) If the given algorithm is not supported
| Param | Type | Description | | --- | --- | --- | | options.secret | String | Some salt for hash | | options.uniqueId | function | A unique id generator | | options.time | function | A time function (defaults to Date.now()) | | options.algorithm | String | Algorithm to use (default to 'sha256') |
Example
let tk = new TokenService({
secret: 'mysecret',
uniqueId: createObjectId,
time: Date.now.bind(Date),
algorithm: 'md5',
});
tokenService.createToken ⇒ Object
Create a new token and return it envelope
Kind: instance property of TokenService
Returns: Object - The token envelope.
Throws:
- YError(E_NO_CONTENT) If there is no content
- YError(E_NO_END_OF_LIFE) If there is no end of life
- YError(E_PAST_END_OF_LIFE) If the end of life is past
Api: public
| Param | Type | Description | | --- | --- | --- | | contents | Object | Some JSON serializable content. | | endOfLife | Number | The time when the token is outdated. |
Example
tk.createToken({
uri: '/plop'
}, Date.now() + 3600000);
// {
// _id: 'abbacacaabbacacaabbacaca',
// endOfLife: 1441981754461,
// hash: '13371ee713371ee713371ee7',
// contents: { uri: '/plop' },
// }
tokenService.checkToken ⇒ void
Check a token envelope against a given hash
Kind: instance property of TokenService
Throws:
- YError(E_NO_HASH) If there is no hash
- YError(E_NO_ID) If there is no id
- YError(E_NO_CONTENT) If there is no content
- YError(E_NO_END_OF_LIFE) If there is no end of life
- YError(E_BAD_HASH) If the hash do not match
- YError(E_PAST_END_OF_LIFE) If the end of life is past
Api: public
| Param | Type | Description | | --- | --- | --- | | envelope._id | String | The token id | | envelope.endOfLife | Number | The token validity | | envelope.contents | Object | The token contents | | hash | String | The given hash to check against |
Example
tk.checkToken({
// _id: 'abbacacaabbacacaabbacaca',
// endOfLife: 1441981754461,
// contents: { uri: '/plop' },
}, '13371ee713371ee713371ee7');
tokenService.createHash ⇒ String
Create a hash from the given envelope
Kind: instance property of TokenService
Returns: String - The resulting hash
Api: private
| Param | Type | Description | | --- | --- | --- | | envelope._id | String | The token id | | envelope.endOfLife | Number | The token validity | | envelope.contents | Object | The token contents |