Ghost/core/server/lib/members/tokens.js
Fabien O'Carroll cc1f62438d
Added support for serverside rendering of members content (#10522)
no-issue

- Added member auth middleware to siteApp
- Passed member as context in routing service
- set Cache-Control: private for member requests
- fucked up some tests
- Added member as global template variable
- Updated tokens to have expiry of subscription_period_end
2019-02-25 17:03:27 +01:00

45 lines
1013 B
JavaScript

const jose = require('node-jose');
const jwt = require('jsonwebtoken');
module.exports = function ({
privateKey,
publicKey,
issuer
}) {
const keyStore = jose.JWK.createKeyStore();
const keyStoreReady = keyStore.add(privateKey, 'pem');
function encodeToken({sub, aud = issuer, plans, exp}) {
return keyStoreReady.then(jwk => jwt.sign({
sub,
exp,
plans,
kid: jwk.kid
}, privateKey, {
algorithm: 'RS512',
audience: aud,
issuer
}));
}
function decodeToken(token) {
return keyStoreReady.then(jwk => jwt.verify(token, publicKey, {
algorithm: 'RS512',
kid: jwk.kid,
issuer
})).then(() => jwt.decode(token));
}
function getPublicKeys() {
return keyStoreReady.then(() => {
keyStore.toJSON();
});
}
return {
encodeToken,
decodeToken,
getPublicKeys
};
};