README
sf-token
Service for creating and checking temporary tokens.
Usage
import TokenService from 'sf-token';
import createObjectId from 'mongodb/objectid';
// Create a token service instance
let tokenService = new TokenService({
uniqueId: createObjectId,
secret: 'mysecret',
});
// create a token: the content may be any JSON serializable data
let endOfLife = Date.now() + 36000;
let {hash, ...envelope} = Service.createToken({
method: 'GET',
uri: '/user/abbacacaabbacacaabbacaca/subscriptions/report_received',
}, endOfLife);
// `hash` is for the client, you'll need it and `_id` to check the token
// validity
// `envelope` contains the token id (`_id` key), its validity (`endOfLife` key)
// and the given contents (`contents` key), you can store it as is in your
// database
// when the user connect to a uri
myApp.get('/tokens/:_id?hash=:hash', (req, res, next) {
getFromDb(req._id)
.then((envelope) => {
tokenService.checkToken(envelope, req.hash);
// Accept access (redirection may be based on the `envelope` contents )
}).catch((err) => {
// Refuse access
});
});
Note that this only verify the hash and its validity regarding to the current time. You'll have to manage persistence yourself.
Modules ## Classes ## sf-token **Api**: public ## TokenService **Kind**: global class **Api**: public
- TokenService
- new TokenService()
- .createToken ⇒
Object
- .checkToken ⇒
void
- .createHash ⇒
String
new TokenService()
Create a new TokenService instance
Returns: Object
- A TokenService instance
Throws:
YError(E_BAD_SECRET)
If there is no secret givenYError(E_NO_ID_GENERATOR)
If there is no id generator availableYError(E_BAD_TIME)
If the given time function is not rightYError(E_BAD_ALGORITHM)
If the given algorithm is not supported
Param | Type | Description |
---|---|---|
options.secret | String |
Some salt for hash |
options.uniqueId | function |
A unique id generator |
options.time | function |
A time function (defaults to Date.now()) |
options.algorithm | String |
Algorithm to use (default to 'sha256') |
Example
let tk = new TokenService({
secret: 'mysecret',
uniqueId: createObjectId,
time: Date.now.bind(Date),
algorithm: 'md5',
});
Object
tokenService.createToken ⇒ Create a new token and return it envelope
Kind: instance property of TokenService
Returns: Object
- The token envelope.
Throws:
YError(E_NO_CONTENT)
If there is no contentYError(E_NO_END_OF_LIFE)
If there is no end of lifeYError(E_PAST_END_OF_LIFE)
If the end of life is past
Api: public
Param | Type | Description |
---|---|---|
contents | Object |
Some JSON serializable content. |
endOfLife | Number |
The time when the token is outdated. |
Example
tk.createToken({
uri: '/plop'
}, Date.now() + 3600000);
// {
// _id: 'abbacacaabbacacaabbacaca',
// endOfLife: 1441981754461,
// hash: '13371ee713371ee713371ee7',
// contents: { uri: '/plop' },
// }
void
tokenService.checkToken ⇒ Check a token envelope against a given hash
Kind: instance property of TokenService
Throws:
YError(E_NO_HASH)
If there is no hashYError(E_NO_ID)
If there is no idYError(E_NO_CONTENT)
If there is no contentYError(E_NO_END_OF_LIFE)
If there is no end of lifeYError(E_BAD_HASH)
If the hash do not matchYError(E_PAST_END_OF_LIFE)
If the end of life is past
Api: public
Param | Type | Description |
---|---|---|
envelope._id | String |
The token id |
envelope.endOfLife | Number |
The token validity |
envelope.contents | Object |
The token contents |
hash | String |
The given hash to check against |
Example
tk.checkToken({
// _id: 'abbacacaabbacacaabbacaca',
// endOfLife: 1441981754461,
// contents: { uri: '/plop' },
}, '13371ee713371ee713371ee7');
String
tokenService.createHash ⇒ Create a hash from the given envelope
Kind: instance property of TokenService
Returns: String
- The resulting hash
Api: private
Param | Type | Description |
---|---|---|
envelope._id | String |
The token id |
envelope.endOfLife | Number |
The token validity |
envelope.contents | Object |
The token contents |