umami/lib/crypto.js

import crypto from 'crypto';
import { v4, v5, validate } from 'uuid';
import bcrypt from 'bcrypt';
import { JWT, JWE, JWK } from 'jose';

const KEY = JWK.asKey(Buffer.from(secret()));

export function hash(...args) {
  return crypto.createHash('sha512').update(args.join('')).digest('hex');
}

export function secret() {
  return hash(process.env.HASH_SALT);
}

export function uuid(...args) {
  if (!args.length) return v4();

  return v5(args.join(''), v5(process.env.HASH_SALT, v5.DNS));
}

export function isValidId(s) {
  return validate(s);
}

export function checkPassword(password, hash) {
  return bcrypt.compare(password, hash);
}

export async function createToken(payload) {
  return JWT.sign(payload, KEY);
}

export async function parseToken(token) {
  try {
    return JWT.verify(token, KEY);
  } catch {
    return null;
  }
}

export async function createSecureToken(payload) {
  return JWE.encrypt(await createToken(payload), KEY);
}

export async function parseSecureToken(token) {
  try {
    const result = await JWE.decrypt(token, KEY);

    return parseToken(result.toString());
  } catch {
    return null;
  }
}
Cookie authentication. 2020-07-23 00:46:05 +02:00			`import crypto from 'crypto';`
Handle website delete. Added response helper functions. 2020-08-08 02:19:42 +02:00			`import { v4, v5, validate } from 'uuid';`
Switch to json web tokens. 2020-07-23 05:45:09 +02:00			`import bcrypt from 'bcrypt';`
Changed JWT implementation. 2020-07-23 06:33:17 +02:00			`import { JWT, JWE, JWK } from 'jose';`
Cookie authentication. 2020-07-23 00:46:05 +02:00
Changed JWT implementation. 2020-07-23 06:33:17 +02:00			`const KEY = JWK.asKey(Buffer.from(secret()));`
Cookie authentication. 2020-07-23 00:46:05 +02:00
Accounts and login. 2020-07-24 04:56:55 +02:00			`export function hash(...args) {`
			`return crypto.createHash('sha512').update(args.join('')).digest('hex');`
Switch to json web tokens. 2020-07-23 05:45:09 +02:00			`}`

			`export function secret() {`
Accounts and login. 2020-07-24 04:56:55 +02:00			`return hash(process.env.HASH_SALT);`
Switch to json web tokens. 2020-07-23 05:45:09 +02:00			`}`
Cookie authentication. 2020-07-23 00:46:05 +02:00
Switch to json web tokens. 2020-07-23 05:45:09 +02:00			`export function uuid(...args) {`
Handle website delete. Added response helper functions. 2020-08-08 02:19:42 +02:00			`if (!args.length) return v4();`

Switch to json web tokens. 2020-07-23 05:45:09 +02:00			`return v5(args.join(''), v5(process.env.HASH_SALT, v5.DNS));`
Cookie authentication. 2020-07-23 00:46:05 +02:00			`}`

Accounts and login. 2020-07-24 04:56:55 +02:00			`export function isValidId(s) {`
Handle website delete. Added response helper functions. 2020-08-08 02:19:42 +02:00			`return validate(s);`
Cookie authentication. 2020-07-23 00:46:05 +02:00			`}`

Changed JWT implementation. 2020-07-23 06:33:17 +02:00			`export function checkPassword(password, hash) {`
			`return bcrypt.compare(password, hash);`
Cookie authentication. 2020-07-23 00:46:05 +02:00			`}`

Changed JWT implementation. 2020-07-23 06:33:17 +02:00			`export async function createToken(payload) {`
			`return JWT.sign(payload, KEY);`
Cookie authentication. 2020-07-23 00:46:05 +02:00			`}`

Handle website delete. Added response helper functions. 2020-08-08 02:19:42 +02:00			`export async function parseToken(token) {`
			`try {`
			`return JWT.verify(token, KEY);`
			`} catch {`
			`return null;`
			`}`
Changed JWT implementation. 2020-07-23 06:33:17 +02:00			`}`

			`export async function createSecureToken(payload) {`
			`return JWE.encrypt(await createToken(payload), KEY);`
			`}`

Handle website delete. Added response helper functions. 2020-08-08 02:19:42 +02:00			`export async function parseSecureToken(token) {`
			`try {`
			`const result = await JWE.decrypt(token, KEY);`

			`return parseToken(result.toString());`
			`} catch {`
			`return null;`
			`}`
Cookie authentication. 2020-07-23 00:46:05 +02:00			`}`