/**
 * Lightweight EncryptID JWT verification for the sync server.
 *
 * Verifies tokens by calling the EncryptID server's /api/session/verify endpoint.
 * No dependencies required — uses Node.js built-in fetch.
 */
// Base URL of the EncryptID server that verifyToken() posts tokens to.
// It can be overridden through the ENCRYPTID_SERVER_URL environment variable;
// an unset or empty value falls back to the default below.
// Tokens are sent to this host and its answer is trusted as-is, so an override
// should be an https:// URL of a server the operator controls.
const ENCRYPTID_SERVER_URL = process.env.ENCRYPTID_SERVER_URL
  ? process.env.ENCRYPTID_SERVER_URL
  : 'https://encryptid.jeffemmett.com';
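/**
 * Verify an EncryptID JWT token by calling the EncryptID server.
 *
 * The token is not parsed or signature-checked locally. It is POSTed as JSON to
 * `<ENCRYPTID_SERVER_URL>/api/session/verify`, and the `valid` and `claims`
 * fields of the response are taken at face value. Every failure (bad input,
 * non-2xx status, timeout, network error, unparseable body) resolves to `null`,
 * so callers should treat `null` as "not authenticated".
 *
 * @param {string} token - The JWT token to verify
 * @returns {Promise<object|null>} The claims if valid, null otherwise
 */
export async function verifyToken(token) {
  // The token may come straight from a request URL (see extractTokenFromURL).
  // Anything that is not a non-empty string is rejected here rather than being
  // serialized and forwarded to the verification endpoint.
  if (typeof token !== 'string' || token === '') return null;

  try {
    // Drop a single trailing slash so the path is not joined with "//".
    const baseUrl = ENCRYPTID_SERVER_URL.replace(/\/$/, '');
    const res = await fetch(`${baseUrl}/api/session/verify`, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({ token }),
      // Give up after 5 seconds; the abort is caught below and yields null.
      signal: AbortSignal.timeout(5000),
    });

    if (!res.ok) return null;

    const data = await res.json();
    // A JSON body of `null` is treated as "not valid" instead of raising a
    // TypeError that would be logged as a verification failure.
    if (!data?.valid) return null;

    // NOTE(review): a response with `valid` set but no `claims` yields an empty
    // object, which is truthy. Callers that need an identity should check for
    // the specific claim they rely on, not only for a non-null result.
    return data.claims || {};
  } catch (error) {
    // Only the error message is logged; the token itself is never written out.
    console.error('Token verification failed:', error.message);
    return null;
  }
}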
/**
 * Pull the `token` query parameter out of a URL.
 *
 * Accepts an absolute URL or a bare path with a query string. Returns null when
 * the parameter is missing or empty, or when the input cannot be parsed.
 *
 * Security note: a token carried in the query string is visible wherever the
 * URL is recorded (access logs, proxies, browser history). Keep such tokens
 * short-lived and make sure request URLs are redacted before they are logged.
 *
 * @param {string} url - The full URL or path with query string
 * @returns {string|null} The token or null
 */
export function extractTokenFromURL(url) {
  let parsed;
  try {
    // The base only lets relative inputs parse; absolute URLs ignore it.
    parsed = new URL(url, 'http://localhost');
  } catch {
    return null;
  }

  const token = parsed.searchParams.get('token');
  return token ? token : null;
}