Files
zipline/src/lib/accessToken.ts
T
diced a99b0f4f1d refactor: use access tokens for file/url passwords
no longer using cookies, since they are buggy and weird with caching
using a access token that "expires" in 10 minutes
2026-05-04 18:21:53 -07:00

38 lines
1018 B
TypeScript

import { config } from '@/lib/config';
import { decrypt, encrypt } from '@/lib/crypto';
type AccessTokenPayload = {
type: string;
id: string;
expiry: number;
};
export function createAccessToken({ type, id }: { type: string; id: string }): string {
const payload: AccessTokenPayload = {
type: type,
id,
expiry: Date.now() + 5 * 60_000, // 5 minutes
};
return encrypt(JSON.stringify(payload), config.core.secret);
}
export function verifyAccessToken(token: string | null | undefined, type: string, id: string): boolean {
if (!token) return false;
try {
const raw = decrypt(token, config.core.secret);
const payload = JSON.parse(raw) as Partial<AccessTokenPayload>;
if (!payload || typeof payload !== 'object') return false;
if (payload.type !== type) return false;
if (payload.id !== id) return false;
if (typeof payload.expiry !== 'number') return false;
if (payload.expiry < Date.now()) return false;
return true;
} catch {
return false;
}
}