add token utils

ginkoid · ginkoid · commit 96ced5d21d57 · 2020-02-09T02:50:25.000-05:00
diff --git a/.env.example b/.env.example
@@ -0,0 +1 @@
+APP_TOKEN_KEY=
diff --git a/index.js b/index.js
@@ -1,3 +1,5 @@
+require('dotenv').config()
+
 const app = require('./app')
 
 const PORT = process.env.PORT || 3000
diff --git a/package.json b/package.json
@@ -9,6 +9,7 @@
   },
   "dependencies": {
     "body-parser": "^1.19.0",
+    "dotenv": "^8.2.0",
     "express": "^4.17.1"
   },
   "devDependencies": {
diff --git a/server/auth/token.js b/server/auth/token.js
@@ -0,0 +1,57 @@
+const { promisify } = require('util')
+const crypto = require('crypto')
+
+const randomBytes = promisify(crypto.randomBytes)
+const tokenKey = Buffer.from(process.env.APP_TOKEN_KEY, 'base64')
+
+const tokenKinds = {
+  auth: 0
+}
+
+const encryptToken = async (content) => {
+  const iv = await randomBytes(12)
+  const cipher = crypto.createCipheriv('aes-256-gcm', tokenKey, iv)
+  const cipherText = cipher.update(JSON.stringify(content))
+  cipher.final()
+  const tokenContent = Buffer.concat([iv, cipherText, cipher.getAuthTag()])
+  return tokenContent.toString('base64')
+}
+
+const decryptToken = async (token) => {
+  try {
+    const tokenContent = Buffer.from(token, 'base64')
+    const iv = tokenContent.slice(0, 12)
+    const authTag = tokenContent.slice(tokenContent.length - 16)
+    const cipher = crypto.createDecipheriv('aes-256-gcm', tokenKey, iv)
+    cipher.setAuthTag(authTag)
+    const plainText = cipher.update(tokenContent.slice(12, tokenContent.length - 16))
+    return JSON.parse(plainText)
+  } catch (e) {
+    return null
+  }
+}
+
+const getUserId = async (token) => {
+  const content = await decryptToken(token)
+  if (content === null) {
+    return null
+  }
+  const { k: kind, id: userId } = content
+  if (kind !== tokenKinds.auth) {
+    return null
+  }
+  return userId
+}
+
+const getToken = async (userId) => {
+  const token = await encryptToken({
+    k: tokenKinds.auth,
+    id: userId
+  })
+  return token
+}
+
+module.exports = {
+  getUserId,
+  getToken
+}
diff --git a/static/.gitkeep b/static/.gitkeep
diff --git a/yarn.lock b/yarn.lock
@@ -289,6 +289,11 @@ doctrine@^3.0.0:
   dependencies:
     esutils "^2.0.2"
 
+dotenv@^8.2.0:
+  version "8.2.0"
+  resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-8.2.0.tgz#97e619259ada750eea3e4ea3e26bceea5424b16a"
+  integrity sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw==
+
 ee-first@1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+require('dotenv').config()`
	`2`	`+`
`1`	`3`	`const app = require('./app')`
`2`	`4`
`3`	`5`	`const PORT = process.env.PORT \|\| 3000`