From 3ac89964ab1814d4d5a1e0de4d912d37ca0ac91e Mon Sep 17 00:00:00 2001 From: Mathis Date: Tue, 9 Jul 2024 16:03:20 +0200 Subject: [PATCH] feat(credentials): add jwt token verification and signing In the credentials.service.ts file, jose is imported for jwt token operations. Two new methods are added. One method for jwt token verification and another for token signing. Token metadata such as IssuedAt, ExpirationTime, Issuer, Audience, and Subject are configured. --- src/credentials/credentials.service.ts | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/src/credentials/credentials.service.ts b/src/credentials/credentials.service.ts index 6c25230..b9d2534 100644 --- a/src/credentials/credentials.service.ts +++ b/src/credentials/credentials.service.ts @@ -1,5 +1,6 @@ import { BadRequestException, Injectable } from "@nestjs/common"; import * as argon from "argon2"; +import * as jose from "jose" // biome-ignore lint/style/useImportType: used by Next.js import { ConfigService } from "@nestjs/config"; @@ -21,4 +22,23 @@ export class CredentialsService { secret: this.configService.get("APP_HASH_SECRET"), }) } + + async verifyAuthToken(token: string) { + const verifyRes = await jose.jwtVerify(token, Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")), { + subject: "auth", + audience: "user", + issuer: "ShouldStick" + }) + } + + async signAuthToken() { + return new jose.SignJWT({}) + .setProtectedHeader({ alg: 'dir', enc: 'A128CBC-HS256' }) + .setIssuedAt() + .setExpirationTime('3 day') + .setIssuer("ShouldStick") + .setAudience("user") + .setSubject("auth") + .sign(Uint8Array.from(this.configService.get("APP_TOKEN_SECRET"))) + } }