SecureAuth is a comprehensive Node.js package that provides easy-to-use utilities for authentication and security-related tasks. It includes functions for generating and verifying JWT tokens, hashing passwords securely, and refreshing authentication tokens. With SecureAuth, developers can quickly implement secure authentication mechanisms in their Node.js applications, ensuring the integrity and confidentiality of user data.

You can install this package via npm:

npm install secure-auth-utils jsonwebtoken

yarn add secure-auth-utils jsonwebtoken

const { generateToken } = require('secure-auth-utils');

// Generate a token
const token = generateToken({
  data: { userId: 123 },
  tokenSecret: 'your-secret-key'
});
console.log('Generated Token:', token);

const { decodedToken } = require('secure-auth-utils');

// Decode a token
const decodedData = decodedToken({
  token: 'your-encoded-token',
  tokenSecret: 'your-secret-key'
});
console.log('Decoded Data:', decodedData);

expiresIn : Eg: 60, "2 days", "10h", "7d"

const { refreshTokenEncoded } = require('secure-auth-utils');

// Refresh a token with hashed password
const refreshedToken = refreshTokenEncoded({
  hashedPass: 'your-hashed-password',
  data: { userId: 123 },
  expiresIn: '7 days',
  tokenSecret: 'your-secret-key'
});
console.log('Refreshed Token:', refreshedToken);

const getRefreshToken = refreshTokenEncoded({
  data:{email:"test@test.com", role: 'user',},
  hashedPass: hashedPass,
  expiresIn: '7 days',
  tokenSecret: 'your-secret-key'
})

NB: Recommend you use hashedPass (hash) for extra security . 🤫🤐🔐..

const tokenDecode = await decodedToken({
  token: ref_tkn,
  tokenSecret: process.env.USER_REFRESH_TOKEN
});

  if (tokenDecode.success) {
    const { data, sessionToken, role } = tokenDecode?.data
    // if use hashedPass then you get sessionToken;
    const getSalt = sessionToken?.split('####')?.[0];
    const getHash = sessionToken?.split('####')?.[1];
    //check hashed 
    // make sure encoding, algorithm are same
    const check = passwordHashing({salt: getSalt,hash: hashedPass}).hash == getHash;
    // code execute
  }
  else{
    // code execute
  }

const { passwordHashing } = require('secure-auth-utils');

// Hash a password
const hashedPassword = passwordHashing({
  password: 'your-password',
  salt: 'your-salt',
  algorithm: 'sha256',
  encoding: 'base64'
});
console.log('Hashed Password:', hashedPassword.hash);

const { checkPassword } = require('secure-auth-utils');

// Check if password matches hash
const isMatch = checkPassword({
  salt: 'your-salt',
  hash: 'your-hashed-password',
  password: 'your-password'
});
console.log('Password Match:', isMatch);

Generates a JWT token.

• options (object):
  • data (object): The data payload to be included in the token.
  • tokenSecret (string): The secret key used for token generation.
  • expiresIn (string): The expiration time for the token (optional, defaults to '24h').
  • algorithm (string): The signing algorithm to be used (optional, defaults to "HS256").

Returns an object containing the generated token and success status.

Decodes a JWT token.

• options (object):
  • tokenSecret (string): The secret key used for token verification.
  • token (string): The JWT token to be decoded.

Returns an object containing the decoded data and success status.

Refreshes a token encoded.

• options (object):
  • hashedPass (string): The hashed password (optional).
  • data (object): Additional data to be included in the token.
  • expiresIn (string): The expiration time for the token (optional).
  • tokenSecret (string): The secret key used for token generation.

Returns the refreshed token or null if hashedPass is not provided.

Hashes a password.

• options (object):
  • salt (string): The salt used for hashing (optional, autogenerated if not provided).
  • password (string): The password to be hashed.
  • algorithm (string): The hashing algorithm to be used (optional, defaults to SHA256).
  • encoding (string): The encoding format for the hash (optional, defaults to 'base64').

Returns an object containing the salt, success status, and hashed password.

Checks if a password matches the hashed value.

• options (object):
  • salt (string): The salt used for hashing.
  • hash (string): The hashed password to be checked.
  • password (string): The password to be validated.

Returns true if the password matches the hash, false otherwise.

Replace Your Package Name with the actual name of your package and secure-auth-utils with the npm package name. Also, make sure to update the function examples with relevant data and keys.