Ghost/ghost/members-api/tokens.js

const jose = require('node-jose');
const jwt = require('jsonwebtoken');

module.exports = function ({
    privateKey,
    publicKey,
    issuer
}) {
    const keyStore = jose.JWK.createKeyStore();
    const keyStoreReady = keyStore.add(privateKey, 'pem');

    function encodeToken({sub, aud = issuer}) {
        return keyStoreReady.then(jwk => jwt.sign({
            sub,
            kid: jwk.kid
        }, privateKey, {
            algorithm: 'RS512',
            audience: aud,
            issuer
        }));
    }

    function decodeToken(token) {
        return keyStoreReady.then(jwk => jwt.verify(token, publicKey, {
            algorithm: 'RS512',
            kid: jwk.kid,
            issuer
        })).then(() => jwt.decode(token));
    }

    function getPublicKeys() {
        return keyStoreReady.then(() => {
            keyStore.toJSON();
        });
    }

    return {
        encodeToken,
        decodeToken,
        getPublicKeys
    };
};
Refactored members for management api (#10408) no-issue 2019-01-22 17:29:44 +03:00			`const jose = require('node-jose');`
			`const jwt = require('jsonwebtoken');`

			`module.exports = function ({`
			`privateKey,`
			`publicKey,`
			`issuer`
			`}) {`
			`const keyStore = jose.JWK.createKeyStore();`
			`const keyStoreReady = keyStore.add(privateKey, 'pem');`

			`function encodeToken({sub, aud = issuer}) {`
			`return keyStoreReady.then(jwk => jwt.sign({`
			`sub,`
			`kid: jwk.kid`
			`}, privateKey, {`
			`algorithm: 'RS512',`
			`audience: aud,`
			`issuer`
			`}));`
			`}`

			`function decodeToken(token) {`
			`return keyStoreReady.then(jwk => jwt.verify(token, publicKey, {`
			`algorithm: 'RS512',`
			`kid: jwk.kid,`
			`issuer`
			`})).then(() => jwt.decode(token));`
			`}`

			`function getPublicKeys() {`
			`return keyStoreReady.then(() => {`
			`keyStore.toJSON();`
			`});`
			`}`

			`return {`
			`encodeToken,`
			`decodeToken,`
			`getPublicKeys`
			`};`
			`};`