Move sending refresh tokens out of JS.

2024-04-02 12:42:31 -04:00
parent 0a0b0c1adb
commit cc92748747
3 changed files with 43 additions and 91 deletions


@ -88,7 +88,6 @@ function socket(request, response, client) {
let process;
let options = {};
let credentials = auth.query(request.headers);
let refresh = auth.makeRefresh(credentials);
response.onClose = async function () {
if (process && process.task) {
@ -241,14 +240,7 @@ function socket(request, response, client) {
}
};
response.upgrade(
100,
refresh
? {
'Set-Cookie': `session=${refresh.token}; path=/; Max-Age=${refresh.interval}; Secure; SameSite=Strict`,
}
: {}
);
response.upgrade(100, {});
}
export {socket, App};
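Review bot: The new `response.upgrade(100, {});` call gives no hint of where the session cookie is now renewed; a one-line comment above it would help, e.g. `// Session refresh cookie is no longer set on upgrade; it is issued outside JS.` (wording inferred from the commit title). The header removed here carried `Secure; SameSite=Strict` but no `HttpOnly`. The code that now issues the cookie is not visible in this section, so it is worth confirming that it keeps both attributes and, if no client script reads the cookie, adds `HttpOnly`. `socket` starts and ends outside these hunks, and `credentials` is still taken from `auth.query(request.headers)` at its top, so session validation on upgrade presumably stays in JS and must agree with the new issuer on token format and expiry units.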


@ -1,23 +1,4 @@
import * as core from './core.js';
import * as form from './form.js';
const kRefreshInterval = 1 * 7 * 24 * 60 * 60 * 1000;
/**
* Makes a Base64 value URL safe
* @param {string} value
* @returns TODOC
*/
function b64url(value) {
value = value.replaceAll('+', '-').replaceAll('/', '_');
let equals = value.indexOf('=');
if (equals !== -1) {
return value.substring(0, equals);
} else {
return value;
}
}
/**
* TODOC
@ -37,38 +18,6 @@ function unb64url(value) {
}
}
/**
* Creates a JSON Web Token
* @param {object} payload Object: {"name": "username"}
* @returns the JWT
*/
function makeJwt(payload) {
const ids = ssb.getIdentities(':auth');
let id;
if (ids?.length) {
id = ids[0];
} else {
id = ssb.createIdentity(':auth');
}
const final_payload = b64url(
base64Encode(
JSON.stringify(
Object.assign({}, payload, {
exp: new Date().valueOf() + kRefreshInterval,
})
)
)
);
const jwt = [
b64url(base64Encode(JSON.stringify({alg: 'HS256', typ: 'JWT'}))),
final_payload,
b64url(ssb.hmacsha256sign(final_payload, ':auth', id)),
].join('.');
return jwt;
}
/**
* Validates a JWT ?
* @param {*} session TODOC
@ -178,18 +127,4 @@ function query(headers) {
}
}
/**
* Refreshes a JWT ?
* @param {*} credentials TODOC
* @returns
*/
function makeRefresh(credentials) {
if (credentials?.session?.name) {
return {
token: makeJwt({name: credentials.session.name}),
interval: kRefreshInterval,
};
}
}
export {query, makeRefresh};
export {query};