1.1.3 • Published 2 years ago
auth-server-library v1.1.3
AuthenticationServerLibrary
This library was created to act as a wrapper around several JavaScript libraries to help make an authentication server easier. The Library includes several top-level function wrappers that are used to create, parse and verify JWTs along with hashing data objects and verifying the hash. This library was created entirely using TypeScript.
Environment variables
This library release on the creation of several environment variables that are required for it to work. Below are the required environment variables needed along with example values for each:
## Pepper variables
DYNAMIC_PEPPER_ARRAY="3.7.9"
/**this is used to change the peppers retrieved from the static pepper string. The format is required to be x.x.x where each are positive whole numbers. This is used to great an array within the code. See documentation for more details.*/
STATIC_PEPPER="o8gyug6tuvoiha930hpotrjsndfr39ugirejhkr9aurhgurou3bnjrngr9u3bnranjgp9wagujkn"
/**This is used to select a pepper for hashing data. See documentation for more details.
*/
## Static Token Keys
REFRESH_KEY="freghe3sywyreh35"
/* used to generate refresh token that will allow for long term authentication of the user.
This is expected to be generated one, only needed to help in the generation of permissions token,
and should be regenerated once every month to a year.
*/
PERMISSIONS_KEY="syw5y753h"
/* used for generating permissions token for long term authentication, this is expect to be updated regularly.*/
ACTION_TOKEN_KEY="357s5ejh54w"
/* This is used to request the server to perform actions on behalf of the user over short intervals of times. This allows for quick access token that will be discarded after a short period of time.*/
SERVER_TOKEN_KEY="s5y3w53hw5"
/*This is used to generate tokens that backend services use to communicate with each other. These should only last a few seconds to a minute and are never meant to be used by a client.*/
## Dynamic Token Keys
DYNAMIC_KEY_ARRAY="reysrehgre.awrrwg.awrgrw"
/**This is used to add variation to JWT to help make JWTs token harder to determine and fake.*/
# Token Time in seconds
// the follow are used to set varies times that a JWT will last for
SERVER_TIME = "30" // 30 seconds
SHORT_TIME ="600" // 10 minutes
MEDIUM_TIME="604800" // 1 week
LONG_TIME="2592000" // 30 days
# Salt value
// this is used to determine the number of rounds when generating salts.
SALT="10"Demo Code
The following are all top-level function wrappers one would use when using this library:
dataHash.hashData(data:any) //=> returns a hash string
dataHash.compareData(checkData:any,hashData:string)// => returns a boolean relating to if the hash is consistent
// JWT MANAGEMENT
CreateJWT(type:JWTType, data:any) //=> returns a an object {token:string}
verifyJWT(type:JWTType, tokenString:string) //=> returns a boolean relating to whether or not the JWT is authentic
parseJWT(type:JWTType, tokenString:string) //=> returns an object that was contained within the JWT string
/**This is used to specify the type of JWT*/
export enum JWTType{
/**used for specifying JWT that will be used for long term authentication by the client*/
Refresh,
/**This is used to specifying JWT that holds permissions the user is allowed to do*/
Permissions,
/**This is used for specifying JWT that allows for short term access for interacting with servers rapidly*/
Actions,
/**This is used for cross server communication. Any time another server needs to communicate with this server, use this for verification*/
Server
}