Ghost/core/server/lib/members/tokens.js
2019-01-22 15:29:44 +01:00

43 lines
965 B
JavaScript

const jose = require('node-jose');
const jwt = require('jsonwebtoken');
module.exports = function ({
privateKey,
publicKey,
issuer
}) {
const keyStore = jose.JWK.createKeyStore();
const keyStoreReady = keyStore.add(privateKey, 'pem');
function encodeToken({sub, aud = issuer}) {
return keyStoreReady.then(jwk => jwt.sign({
sub,
kid: jwk.kid
}, privateKey, {
algorithm: 'RS512',
audience: aud,
issuer
}));
}
function decodeToken(token) {
return keyStoreReady.then(jwk => jwt.verify(token, publicKey, {
algorithm: 'RS512',
kid: jwk.kid,
issuer
})).then(() => jwt.decode(token));
}
function getPublicKeys() {
return keyStoreReady.then(() => {
keyStore.toJSON();
});
}
return {
encodeToken,
decodeToken,
getPublicKeys
};
};