npm
Sign UpSign In

@mmdzov/pswd
TypeScript icon, indicating that this package has built-in type declarations

1.7.1 • Public • Published

pswd

Validation, Authentication, Encryption. Simple and powerful

easy to encrypt/decrypt data with crypto-js

manage jsonwebtoken blacklists

You need a blacklist for more security in the tokens you created using jwt. When the user logs out of his account and if his token is still valid, he can copy and use it before leaving the account, but you can add his token to the blacklist after leaving the account, which can no longer be used .

requirement for jwt blacklist

-redis

install

npm i @mmdzov/pswd

Usage

Add Token to blacklist

const secret_key = "12345"
const ins = new Pswd(secret_key);
const client = await connect(); // return redis client
await ins.jwt.blacklist.config({ redisClient: client }).add("user_token"); // return boolean

Get list of blacklist

const client = await connect();
let result = await ins.jwt.blacklist.config({ redisClient: client }).getList(); //return array of object blacklist. like: [{ key: "BLACKLIST_TOKEN_3423473676", value: "TOKEN" }]

You can make the validation of your jwt tokens much easier, see the example below

const secret_key = "12345";

const pswd = new Pswd(secret_key);

const client = connect(); //? redis client . It does not matter if the result is a promise or not

const configured = pswd.jwt.blacklist.config({
  redisClient: client,
});

//* jwt checkpoint
const checkpoint = configured.auth(
  (result) => {
    if (result?.err) {
      return result.res?.json({
        ...result.err,
        message: "This token has already been blocked",
      }); //? Return a result when the token is blocked
      //? Prevent next operations
    }
    //? NOTE: There is no need to implement the next function because when the validation is confirmed, next runs behind the scenes
  },
  {
    token_key: "authorization", //? token key Header
  }
);

//* jwt auth
const auth = pswd.jwt.auth(
  (result) => {
    if (result.err?.type) {
      return result.res?.json({
        type: result.err.type,
      });
      //? Prevent next operations
    }
    console.log(result.data);
    //? NOTE: There is no need to implement the next function because when the validation is confirmed, next runs behind the scenes
  },
  {
    token_key: "authorization",
  }
);

app.use(checkpoint); //? Token checkpoint to check for blockage

app.use(auth);

You can also check the authorization and blacklist together and create a complete and simple checkpoint

const connect = () => {
  const client = createClient();
  client.on("error", (err) => console.log("Redis Client Error", err));
  await client.connect();
  return client;
}

const client = connect()
const secret_key = "12345";
const pswd = new Pswd(secret_key);

const config = {
  redisClient: client,
  token_key: "authorization",
};

const auto = pswd.jwt.auto(({ err, res }) => {
  if (err?.type) {
    return res.json({
      type: err?.type,
    });
  }
}, config);

app.use(auto);

Readme

Keywords

Package Sidebar

Install

npm i @mmdzov/pswd

Repository

github.com/mytls/pswd

Homepage

github.com/mytls/pswd#readme

Weekly Downloads

3

Version

1.7.1

License

ISC

Unpacked Size

48.6 kB

Total Files

17

Last publish

Collaborators

  • mmdzov
Try on RunKit
Report malware