55 lines
1.9 KiB
TypeScript
55 lines
1.9 KiB
TypeScript
import { Buffer } from "node:buffer"
|
|
import config from "../config.ts"
|
|
import User from "../data/User.ts"
|
|
import crypto from 'node:crypto'
|
|
import Token from "./Token.ts"
|
|
|
|
function normalizeKey(key: string, keyLength = 32) {
|
|
const hash = crypto.createHash('sha256')
|
|
hash.update(key)
|
|
const keyBuffer = hash.digest()
|
|
return keyLength ? keyBuffer.slice(0, keyLength) : keyBuffer
|
|
}
|
|
|
|
export default class TokenManager {
|
|
// TODO: 單令牌 -》 單 + 刷新 with 多設備管理
|
|
static makeAuth(user: User) {
|
|
return crypto.createHash("sha256").update(user.bean.id + user.getPassword() + config.salt).digest().toString('hex')
|
|
}
|
|
static encode(token: Token) {
|
|
return crypto.createCipheriv("aes-256-gcm", normalizeKey(config.aes_key), '01234567890123456').update(
|
|
JSON.stringify(token)
|
|
).toString('hex')
|
|
}
|
|
static decode(token: string) {
|
|
if (token == null) throw new Error('令牌為空!')
|
|
return JSON.parse(crypto.createDecipheriv("aes-256-gcm", normalizeKey(config.aes_key), '01234567890123456').update(
|
|
Buffer.from(token, 'hex')
|
|
).toString()) as Token
|
|
}
|
|
|
|
static make(user: User, time_: number | null | undefined, device_id: string) {
|
|
const time = (time_ || Date.now())
|
|
return this.encode({
|
|
author: user.bean.id,
|
|
auth: this.makeAuth(user),
|
|
made_time: time,
|
|
expired_time: time + (1 * 1000 * 60 * 60 * 24),
|
|
device_id: device_id
|
|
})
|
|
}
|
|
/**
|
|
* 獲取新令牌
|
|
* 注意: 只驗證用戶, 不驗證令牌有效性!
|
|
*/
|
|
static makeNewer(user: User, token: string) {
|
|
if (this.check(user, token))
|
|
return this.make(user, Date.now() + (1 * 1000 * 60 * 60 * 24), this.decode(token).device_id)
|
|
}
|
|
static check(user: User, token: string) {
|
|
const tk = this.decode(token)
|
|
|
|
return this.makeAuth(user) == tk.auth
|
|
}
|
|
}
|