'use strict';
// //////////////////////////////////////////////////////////////////////////////
// / DISCLAIMER
// /
// / Copyright 2015-2016 ArangoDB GmbH, Cologne, Germany
// /
// / Licensed under the Apache License, Version 2.0 (the "License")
// / you may not use this file except in compliance with the License.
// / You may obtain a copy of the License at
// /
// / http://www.apache.org/licenses/LICENSE-2.0
// /
// / Unless required by applicable law or agreed to in writing, software
// / distributed under the License is distributed on an "AS IS" BASIS,
// / WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// / See the License for the specific language governing permissions and
// / limitations under the License.
// /
// / Copyright holder is ArangoDB GmbH, Cologne, Germany
// /
// / @author Alan Plum
// //////////////////////////////////////////////////////////////////////////////
const assert = require('assert');
const crypto = require('@arangodb/crypto');
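/**
 * Build a session storage that serialises the whole session into a JWT which
 * is handed to the client and decoded again on the next request.
 *
 * @param {string|Object} [cfg] - The JWT secret itself, or an options object.
 * @param {string} [cfg.secret] - Key passed to crypto.jwtEncode / crypto.jwtDecode.
 *   Required for every algorithm except "none", where it must be absent.
 * @param {string} [cfg.algorithm="HS512"] - Algorithm passed to crypto.jwtEncode.
 *   With "none" no key is involved, so the session is not integrity-protected.
 * @param {number} [cfg.ttl=3600] - Seconds added to the current time to form `exp`.
 * @param {number} [cfg.maxExp=Infinity] - Largest `exp` value (same unit as
 *   `exp`, i.e. seconds since the epoch) that fromClient will accept.
 * @param {boolean} [cfg.verify] - `false` is forwarded as the third argument of
 *   crypto.jwtDecode; presumably this skips signature verification (confirm
 *   against @arangodb/crypto). If so, uid and data become client-controlled.
 * @returns {Object} Storage with `fromClient`, `forClient` and `new` methods.
 * @throws {AssertionError} When the secret/algorithm combination is invalid.
 */
module.exports = function jwtStorage (cfg) {
  // Normalise into a local options object instead of reassigning the parameter.
  let options;
  if (typeof cfg === 'string') {
    options = {secret: cfg};
  } else {
    options = cfg || {};
  }

  // Resolve the default first so the assertion message names the algorithm
  // actually in use rather than "undefined".
  const algorithm = options.algorithm || 'HS512';
  assert(algorithm === 'none' || options.secret, `Must pass a JWT secret for "${algorithm}" algorithm`);
  assert(algorithm !== 'none' || !options.secret, 'Must NOT pass a JWT secret for "none" algorithm');

  const ttl = (options.ttl || 60 * 60);
  const maxVal = options.maxExp || Infinity;

  return {
    /**
     * Decode a client-supplied token into a session object.
     *
     * @param {string} sid - The JWT received from the client (untrusted input).
     * @returns {Object|null} `{uid, created, data}`, or null when the token is
     *   missing, carries no usable `exp`, is expired, or exceeds `maxExp`.
     */
    fromClient (sid) {
      // NOTE(review): the configured algorithm is not passed to jwtDecode, so
      // whether the decoder restricts the token header's `alg` cannot be seen
      // from this file; confirm in @arangodb/crypto.
      const token = crypto.jwtDecode(options.secret, sid, options.verify === false);

      // Guard against a decoder result that is not a claims object; without
      // this the property reads below would throw a TypeError.
      if (!token || typeof token !== 'object') {
        return null;
      }

      // Fail closed on a missing or non-numeric `exp`. Comparing against
      // undefined/NaN is always false, which would otherwise let such a token
      // pass both the expiry and the maxExp check and never expire.
      const exp = token.exp;
      if (typeof exp !== 'number' || !Number.isFinite(exp)) {
        return null;
      }

      // `exp` is in seconds, Date.now() in milliseconds.
      if (Date.now() > exp * 1000 || exp > maxVal) {
        return null;
      }

      return {
        uid: token.uid,
        created: token.iat * 1000,
        data: token.payload
      };
    },

    /**
     * Encode a session object into a token for the client.
     *
     * @param {Object} session - Session with `uid`, `created` (ms) and `data`.
     * @returns {string} The result of crypto.jwtEncode for the session claims.
     */
    forClient (session) {
      // NOTE(review): `session.data` is embedded as the `payload` claim; JWTs
      // of this kind are presumably signed but not encrypted, so the client can
      // read it. Confirm before storing anything confidential in the session.
      const token = {
        uid: session.uid,
        iat: Math.floor(session.created / 1000),
        payload: session.data,
        // Expiry is always measured from now, not from session creation.
        exp: Math.floor(Date.now() / 1000) + ttl
      };
      return crypto.jwtEncode(options.secret, token, algorithm);
    },

    /**
     * Create an empty, unauthenticated session stamped with the current time.
     *
     * @returns {Object} `{uid: null, created: <now in ms>, data: null}`.
     */
    new () {
      return {
        uid: null,
        created: Date.now(),
        data: null
      };
    }
  };
};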