Ghost/ghost/members-api/tokens.js

const jose = require('node-jose');
const jwt = require('jsonwebtoken');

module.exports = function ({
    privateKey,
    publicKey,
    issuer
}) {
    const keyStore = jose.JWK.createKeyStore();
    const keyStoreReady = keyStore.add(privateKey, 'pem');

    function encodeToken({sub, aud = issuer, plans}) {
        return keyStoreReady.then(jwk => jwt.sign({
            sub,
            plans,
            kid: jwk.kid
        }, privateKey, {
            algorithm: 'RS512',
            audience: aud,
            issuer
        }));
    }

    function decodeToken(token) {
        return keyStoreReady.then(jwk => jwt.verify(token, publicKey, {
            algorithm: 'RS512',
            kid: jwk.kid,
            issuer
        })).then(() => jwt.decode(token));
    }

    function getPublicKeys() {
        return keyStoreReady.then(() => {
            keyStore.toJSON();
        });
    }

    return {
        encodeToken,
        decodeToken,
        getPublicKeys
    };
};
Refactored members for management api (#10408) no-issue 2019-01-22 17:29:44 +03:00			`const jose = require('node-jose');`
			`const jwt = require('jsonwebtoken');`

			`module.exports = function ({`
			`privateKey,`
			`publicKey,`
			`issuer`
			`}) {`
			`const keyStore = jose.JWK.createKeyStore();`
			`const keyStoreReady = keyStore.add(privateKey, 'pem');`

Added initial subscription support with stripe to Members API (#10460) These changes introduce a new "service" to the members api, which handles getting and creating subscriptions. This is wired up to get subscription information when creating tokens, and attaching information to the token, so that the Content API can allow/deny access. Behind the subscription service we have a Stripe "payment processor", this holds the logic for creating subscriptions etc... in Stripe. The logic for getting items out of stripe uses a hash of the relevant data as the id to search for, this allows us to forgo keeping stripe data in a db, so that this feature can get out quicker. 2019-02-07 12:41:39 +03:00			`function encodeToken({sub, aud = issuer, plans}) {`
Refactored members for management api (#10408) no-issue 2019-01-22 17:29:44 +03:00			`return keyStoreReady.then(jwk => jwt.sign({`
			`sub,`
Added initial subscription support with stripe to Members API (#10460) These changes introduce a new "service" to the members api, which handles getting and creating subscriptions. This is wired up to get subscription information when creating tokens, and attaching information to the token, so that the Content API can allow/deny access. Behind the subscription service we have a Stripe "payment processor", this holds the logic for creating subscriptions etc... in Stripe. The logic for getting items out of stripe uses a hash of the relevant data as the id to search for, this allows us to forgo keeping stripe data in a db, so that this feature can get out quicker. 2019-02-07 12:41:39 +03:00			`plans,`
Refactored members for management api (#10408) no-issue 2019-01-22 17:29:44 +03:00			`kid: jwk.kid`
			`}, privateKey, {`
			`algorithm: 'RS512',`
			`audience: aud,`
			`issuer`
			`}));`
			`}`

			`function decodeToken(token) {`
			`return keyStoreReady.then(jwk => jwt.verify(token, publicKey, {`
			`algorithm: 'RS512',`
			`kid: jwk.kid,`
			`issuer`
			`})).then(() => jwt.decode(token));`
			`}`

			`function getPublicKeys() {`
			`return keyStoreReady.then(() => {`
			`keyStore.toJSON();`
			`});`
			`}`

			`return {`
			`encodeToken,`
			`decodeToken,`
			`getPublicKeys`
			`};`
			`};`