diff --git a/backend/src/auth/JWT.ts b/backend/src/auth/JWT.ts new file mode 100644 index 000000000..06c6507b8 --- /dev/null +++ b/backend/src/auth/JWT.ts @@ -0,0 +1,19 @@ +import jwt from 'jsonwebtoken' +import CONFIG from '../config/' +import { CustomJwtPayload } from './CustomJwtPayload' + +export const decode = (token: string): CustomJwtPayload | null => { + if (!token) throw new Error('401 Unauthorized') + try { + return jwt.verify(token, CONFIG.JWT_SECRET) + } catch (err) { + return null + } +} + +export const encode = (pubKey: Buffer): string => { + const token = jwt.sign({ pubKey }, CONFIG.JWT_SECRET, { + expiresIn: CONFIG.JWT_EXPIRES_IN, + }) + return token +} diff --git a/backend/src/jwt/decode.ts b/backend/src/jwt/decode.ts deleted file mode 100644 index 6f09276b0..000000000 --- a/backend/src/jwt/decode.ts +++ /dev/null @@ -1,26 +0,0 @@ -import jwt, { JwtPayload } from 'jsonwebtoken' -import CONFIG from '../config/' - -interface CustomJwtPayload extends JwtPayload { - pubKey: Buffer -} - -type DecodedJwt = { - token: string - pubKey: Buffer -} - -export default (token: string): DecodedJwt => { - if (!token) throw new Error('401 Unauthorized') - let pubKey = null - try { - const decoded = jwt.verify(token, CONFIG.JWT_SECRET) - pubKey = decoded.pubKey - return { - token, - pubKey, - } - } catch (err) { - throw new Error('403.13 - Client certificate revoked') - } -} diff --git a/backend/src/jwt/encode.ts b/backend/src/jwt/encode.ts deleted file mode 100644 index ef062ad3a..000000000 --- a/backend/src/jwt/encode.ts +++ /dev/null @@ -1,13 +0,0 @@ -/* eslint-disable @typescript-eslint/no-explicit-any */ -/* eslint-disable @typescript-eslint/explicit-module-boundary-types */ - -import jwt from 'jsonwebtoken' -import CONFIG from '../config/' - -// Generate an Access Token -export default function encode(pubKey: Buffer): string { - const token = jwt.sign({ pubKey }, CONFIG.JWT_SECRET, { - expiresIn: CONFIG.JWT_EXPIRES_IN, - }) - return token -}