30 lines
866 B
JavaScript
30 lines
866 B
JavaScript
import { createHmac } from 'crypto'
|
|
import assert from 'assert'
|
|
|
|
module.exports = tokenSecret => {
|
|
assert(tokenSecret, 'TOKEN_SECRET is required')
|
|
|
|
const hmac = (invoice_id, path, expiry) =>
|
|
createHmac('sha256', tokenSecret)
|
|
.update([ invoice_id, path, expiry ].join('.'))
|
|
.digest().toString('base64').replace(/\W+/g, '')
|
|
|
|
const make = (invoice, ttl) => {
|
|
const expiry = invoice.completed_at + ttl
|
|
, hash = hmac(invoice.id, invoice.metadata.path, expiry)
|
|
|
|
return [ invoice.id, expiry.toString(36), hash ].join('.')
|
|
}
|
|
|
|
const parse = (path, token) => {
|
|
const [ invoice_id, expiry_, hash ] = token.split('.')
|
|
, expiry = parseInt(expiry_, 36)
|
|
|
|
return hmac(invoice_id, path, expiry) === hash
|
|
&& expiry > Date.now()/1000
|
|
&& { token, path, invoice_id, expiry }
|
|
}
|
|
|
|
return { make, parse }
|
|
}
|