How to use the paseto.js.Rules.notExpired function in paseto

To help you get started, we’ve selected a few paseto examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github stefanvanherwijnen / quasar-auth-starter / backend / src / api / helpers / paseto-auth.ts View on Github external
public async check(req: Request): Promise {
    let parser = new Paseto.Parser(await this.getSharedKey())
    parser = parser.addRule(new Rules.notExpired()).addRule(new Rules.issuedBy(this.getIssuer()))
    try {
      const token = await parser.parse(this.getTokenFromRequest(req))
      Object.assign(req, {token: token})

      const id = token.getClaims().id
      const user = await User.query().eager('roles').findById(id).throwIfNotFound()
      const iat = token.getClaims().iat

      if (user) {
        if (user.tokensRevokedAt && (new Date(iat) < new Date(user.tokensRevokedAt))) {
          return false
        }
        Object.assign(req, {user: user})
      } else {
        return false
      }

paseto

PASETO for Node.js with no dependencies

MIT
Latest version published 2 years ago

Package Health Score

56 / 100
Full package analysis