30 lines
909 B
JavaScript
30 lines
909 B
JavaScript
import { randomBytes, createHash, timingSafeEqual } from 'node:crypto';
|
|
|
|
const PREFIX = 'dfl_';
|
|
|
|
export function generateToken() {
|
|
return PREFIX + randomBytes(32).toString('hex');
|
|
}
|
|
|
|
export function hashToken(token) {
|
|
return createHash('sha256').update(token).digest('hex');
|
|
}
|
|
|
|
export function compareTokens(tokenA, tokenB) {
|
|
if (!tokenA || !tokenB) return false;
|
|
const a = Buffer.from(tokenA);
|
|
const b = Buffer.from(tokenB);
|
|
if (a.length !== b.length) return false;
|
|
return timingSafeEqual(a, b);
|
|
}
|
|
|
|
export function parseBearer(authorizationHeader) {
|
|
if (!authorizationHeader || typeof authorizationHeader !== 'string') return null;
|
|
const m = authorizationHeader.match(/^Bearer\s+(\S+)$/i);
|
|
return m ? m[1] : null;
|
|
}
|
|
|
|
export const TOKEN_PREFIX_DISPLAY_LEN = 8; // for api_tokens.token_prefix
|
|
export function tokenDisplayPrefix(token) {
|
|
return token.slice(0, TOKEN_PREFIX_DISPLAY_LEN);
|
|
}
|