mirror of https://gitee.com/bigwinds/arangodb
69 lines
2.0 KiB
JavaScript
69 lines
2.0 KiB
JavaScript
'use strict';
|
|
|
|
// //////////////////////////////////////////////////////////////////////////////
|
|
// / DISCLAIMER
|
|
// /
|
|
// / Copyright 2015-2016 ArangoDB GmbH, Cologne, Germany
|
|
// /
|
|
// / Licensed under the Apache License, Version 2.0 (the "License")
|
|
// / you may not use this file except in compliance with the License.
|
|
// / You may obtain a copy of the License at
|
|
// /
|
|
// / http://www.apache.org/licenses/LICENSE-2.0
|
|
// /
|
|
// / Unless required by applicable law or agreed to in writing, software
|
|
// / distributed under the License is distributed on an "AS IS" BASIS,
|
|
// / WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// / See the License for the specific language governing permissions and
|
|
// / limitations under the License.
|
|
// /
|
|
// / Copyright holder is ArangoDB GmbH, Cologne, Germany
|
|
// /
|
|
// / @author Alan Plum
|
|
// //////////////////////////////////////////////////////////////////////////////
|
|
|
|
const assert = require('assert');
|
|
const crypto = require('@arangodb/crypto');
|
|
|
|
module.exports = function jwtStorage (cfg) {
|
|
if (typeof cfg === 'string') {
|
|
cfg = {secret: cfg};
|
|
}
|
|
if (!cfg) {
|
|
cfg = {};
|
|
}
|
|
assert(cfg.algorithm === 'none' || cfg.secret, `Must pass a JWT secret for "${cfg.algorithm}" algorithm`);
|
|
assert(cfg.algorithm !== 'none' || !cfg.secret, 'Must NOT pass a JWT secret for "none" algorithm');
|
|
const algorithm = cfg.algorithm || 'HS512';
|
|
const ttl = (cfg.ttl || 60 * 60) * 1000;
|
|
return {
|
|
fromClient(sid) {
|
|
const token = crypto.jwtDecode(cfg.secret, sid, cfg.verify === false);
|
|
if (token.exp < Date.now()) {
|
|
return null;
|
|
}
|
|
return {
|
|
uid: token.uid,
|
|
created: token.iat,
|
|
data: token.payload
|
|
};
|
|
},
|
|
forClient(session) {
|
|
const token = {
|
|
uid: session.uid,
|
|
iat: session.created,
|
|
payload: session.data,
|
|
exp: Date.now() + ttl
|
|
};
|
|
return crypto.jwtEncode(cfg.secret, token, algorithm);
|
|
},
|
|
new() {
|
|
return {
|
|
uid: null,
|
|
created: Date.now(),
|
|
data: null
|
|
};
|
|
}
|
|
};
|
|
};
|