authorRory& <root@rory.gay>2025-05-31 20:29:26 +0200
committerRory& <root@rory.gay>2025-05-31 20:29:26 +0200
commitc03bc9d70058b2140da758e7754dc8301e512777 (patch)
tree353c3f6184cda12d6be572d619beca0ca49c2a6d /src/util
parentAdd plan and readme (diff)
downloadnodejs-final-assignment-c03bc9d70058b2140da758e7754dc8301e512777.tar.xz
Generate jwt secrets
Diffstat (limited to 'src/util')
-rw-r--r--src/util/index.js1
-rw-r--r--src/util/jwtUtils.js63
-rw-r--r--src/util/secretUtils.js3
3 files changed, 66 insertions, 1 deletions
diff --git a/src/util/index.js b/src/util/index.js

index 6b51d7b..e5f345c 100644
--- a/src/util/index.js
+++ b/src/util/index.js
@@ -1 +1,2 @@
 export * from './secretUtils.js';
+export * from './jwtUtils.js';
\ No newline at end of file
diff --git a/src/util/jwtUtils.js b/src/util/jwtUtils.js
new file mode 100644
index 0000000..115c9c5
--- /dev/null
+++ b/src/util/jwtUtils.js
@@ -0,0 +1,63 @@
+import {existsSync} from 'fs';
+import {readFile, writeFile} from "node:fs/promises";
+import {generateKeyPairSync, createHash, createPublicKey, createPrivateKey} from 'node:crypto';
+
+let privateKey, publicKey, fingerprint;
+
+export async function initJwt() {
+ const secretPath = process.env.JWT_SECRET_PATH;
+ if (!secretPath || !existsSync(secretPath)) {
+ throw new Error('JWT secret path is not defined in environment variables, or the directory does not exist.');
+ }
+
+ const privateKeyPath = `${secretPath}/jwt.key`;
+ const publicKeyPath = `${secretPath}/jwt.key.pub`;
+
+ if (!existsSync(privateKeyPath)) {
+ console.log("[JWT] Generating new keypair");
+ const keyPair = generateKeyPairSync("ec", {
+ namedCurve: "secp521r1",
+ });
+
+ privateKey = keyPair.privateKey;
+ publicKey = keyPair.publicKey;
+
+ await Promise.all([
+ writeFile(
+ privateKeyPath,
+ privateKey.export({format: "pem", type: "sec1"}),
+ ),
+ writeFile(
+ publicKeyPath,
+ publicKey.export({format: "pem", type: "spki"}),
+ ),
+ ]);
+ console.log("[JWT] Keypair generated successfully.");
+ } else {
+ console.log("[JWT] Using existing keypair");
+ const loadedPrivateKey = await readFile(privateKeyPath, 'utf8');
+ const loadedPublicKey = await readFile(publicKeyPath, 'utf8');
+
+ privateKey = createPrivateKey(loadedPrivateKey);
+ publicKey = createPublicKey(loadedPublicKey);
+ }
+
+ fingerprint = createHash("sha256")
+ .update(publicKey.export({format: "pem", type: "spki"}))
+ .digest("hex");
+}
+
+/**
+ * @type {import('jsonwebtoken').JwtOptions}
+ */
+const jwtOptions = {
+ algorithm: 'ES512',
+}
+
+export async function generateJwtToken(user) {
+
+}
+
+export async function validateJwtToken(token) {
+
+}
\ No newline at end of file
diff --git a/src/util/secretUtils.js b/src/util/secretUtils.js
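Review bot: In the key-generation branch of `initJwt`, `jwt.key` is written with `writeFile`'s default mode, so under a typical umask the private signing key ends up readable by other local accounts; pass the mode explicitly, e.g. `writeFile(privateKeyPath, privateKey.export({format: "pem", type: "sec1"}), {mode: 0o600, flag: "wx"})`. The `wx` flag additionally makes the write fail instead of overwriting if the key appeared between the `existsSync` check and the write. In the load branch the public key is read from `jwt.key.pub` independently of the private key, so a missing or replaced `.pub` file either throws or leaves verification using a key that does not match the signer; deriving it with `createPublicKey(privateKey)` avoids that. When `validateJwtToken` is filled in, the verifier should pin the accepted algorithm list to ES512 rather than trusting the token header.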
index bbad8ca..92e1b1c 100644
--- a/src/util/secretUtils.js
+++ b/src/util/secretUtils.js
@@ -1,6 +1,7 @@ import fs from 'node:fs/promises'; -export async function readSecret(path) { +export async function readSecret(name, path) { + console.log(`[SECRET] Reading secret "${name}" from path: ${path}`); if (!path) { throw new Error('Path to secret file is required'); }
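Review bot: `readSecret` now takes `name` as a new first positional argument, so any caller still using `readSecret(path)` passes its path as `name` and hits the 'Path to secret file is required' throw; the diffstat on this page is limited to src/util, so whether callers were updated is not visible here. The added `console.log` runs before the `if (!path)` guard and therefore logs `path: undefined` for exactly those calls; moving it below the guard keeps the log line meaningful. A short JSDoc stating that `name` is a label used only for logging, and that the secret's content is never logged, would help keep it that way. The function body continues past the end of the hunk.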