How to use the lsat-js.verifyFirstPartyMacaroon function in lsat-js

To help you get started, we’ve selected a few lsat-js examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github Tierion / boltwall / src / routes / validate.ts View on Github external
}

  if (lsat.isExpired()) {
    req.logger.debug(
      `Request made with expired LSAT for ${req.originalUrl} from ${req.hostname}`
    )
    res.status(401)
    return next({
      message: 'Unauthorized: Request made with expired LSAT',
    })
  }

  // verify macaroon
  const { SESSION_SECRET } = getEnvVars()
  const macaroon = lsat.getMacaroon()
  const isValid = verifyFirstPartyMacaroon(
    macaroon.serialize(),
    SESSION_SECRET,
    req.boltwallConfig?.caveatSatisfiers,
    req
  )

  if (!isValid) {
    req.logger.debug('Request made with invalid LSAT macaroon')
    res.status(401)
    return next({
      message: 'Unauthorized: LSAT invalid',
    })
  }

  next()
}

lsat-js

Utility library for working with LSAT auth tokens in javascript

MIT
Latest version published 2 years ago

Package Health Score

45 / 100
Full package analysis

Similar packages