Initial auth library commmit

lib/utils/auth.ts

@@ -0,0 +1,14 @@
+import Auth from '../model/auth';
+import { AuthDocument, AuthModel, AuthPrivate } from '../schema/auth';
+import { sign } from './jwt';
+
+export const getAuthenticationBundle = async (username: string, password: string) => {
+    const auth = await Auth.findByUsername(username).catch();
+    const isAuthenticated = !!auth && (auth as AuthModel).authenticate(password);
+    const token = isAuthenticated ? (auth as AuthModel).getToken() : sign();
+    const record = isAuthenticated ? (auth as AuthPrivate).record : null;
+    return {
+        record,
+        token,
+    };
+};

lib/utils/jwt.ts

@@ -0,0 +1,31 @@
+import jwt, { JwtPayload } from 'jsonwebtoken';
+
+export interface TokenProps {
+    aud?: string;
+    exp?: number | Date;
+    iss?: string;
+    sub: string | null;
+    [key: string]: any;
+}
+
+export type SignProps = string | TokenProps | void;
+
+export const sign = (props: SignProps) => {
+    const today = new Date();
+    const { sub = null, ...rest }: TokenProps = typeof props === 'string' || typeof props === 'undefined' ? { sub: props || null } : props;
+    let exp = rest.exp; 
+    if (!exp) {
+        exp = new Date(today);
+        exp.setDate(today.getDate() + parseInt(process.env.JWT_DAYS_VALID as string));
+        exp = exp.getTime() / 1000;
+    }
+    return jwt.sign({
+        aud: rest.aud || process.env.JWT_AUDIENCE,
+        exp,
+        iat: today.getTime(),
+        iss: rest.iss || process.env.JWT_ISSUER,
+        sub,
+    }, process.env.JWT_SECRET || 'secret');
+};
+
+export const verify = (token: string) => jwt.verify(token, process.env.JWT_SECRET || 'secret');

lib/utils/password.ts

@@ -0,0 +1,12 @@
+import crypto from 'crypto';
+
+export const encrypt = (password: string) => {
+    const salt = crypto.randomBytes(16).toString('hex');
+    const hash = crypto.pbkdf2Sync(password, salt, 10000, 512, 'sha512').toString('hex');
+    return `${salt}:${hash}`;
+};
+
+export const verify = (test: string, secret: string) => {
+    const [salt, hash] = secret.split(':');
+    return crypto.pbkdf2Sync(test, salt, 10000, 512, 'sha512').toString('hex') === hash;
+};

lib/utils/tokens.ts

@@ -0,0 +1,13 @@
+import crypto from 'crypto';
+
+import { sign } from "./jwt";
+
+export const generateResetToken = (sub: string) => {
+    const key = crypto.randomBytes(16).toString('hex');
+    const token = sign({
+        sub,
+        key,
+        exp: (Date.now() + (24 * 60 * 60 * 1000)),
+    });
+    return { key, token };
+};