@paladen/sessions - npm Package Compare versions

Comparing version 0.0.83 to 0.0.84

dist/index.d.ts

 export * from "./errors";
+export declare type Tokens = {
+    access: string;
+    refresh: string;
+};
+export declare type TokenClaims = {
+    user: TokenClaimsUser;
+    iat?: string;
+    exp?: string;
+};
+export declare type TokenClaimsUser = {
+    id: string;
+    fullName: string;
+    imageUrl: string;
+};
+export declare const buildSessionCookieString: (name: string, value: string, expiryDate: string) => string;
+export declare const createSessionCookie: (tokens: Tokens, userId: string) => string;
+export declare const deleteSessionCookie: () => string;
+export declare const encodeCookieString: (str: string) => string;
+export declare const decodeCookieString: (str: string) => string;
+export declare const combineCookieStrings: (accessToken: string, refreshToken: string, userId: string) => string;

dist/index.js

@@ -5,2 +5,3 @@ 'use strict';
 
+var config = require('@paladen/config');
 var errors = require('@paladen/errors');
@@ -120,3 +121,45 @@
 
+var buildSessionCookieString = function buildSessionCookieString(name, value, expiryDate) {
+  return ["".concat(name, "=").concat(value), "path=/", "SameSite=Lax", "expires=".concat(expiryDate), "HttpOnly", process.env.NODE_ENV === "production" ? "Secure;" : null].join(";");
+};
+var createSessionCookie = function createSessionCookie(tokens, userId) {
+  var _getGlobals = config.getGlobals(),
+      SESSION_COOKIE_EXPIRY_MINS = _getGlobals.SESSION_COOKIE_EXPIRY_MINS,
+      SESSION_COOKIE_NAME = _getGlobals.SESSION_COOKIE_NAME;
+
+  var dateFuture = Date.now() + 60000 * SESSION_COOKIE_EXPIRY_MINS;
+  var expiryDate = new Date(dateFuture).toUTCString();
+  var combinedCookieString = combineCookieStrings(tokens.access, tokens.refresh, userId);
+  var encodedCookieString = encodeCookieString(combinedCookieString);
+  return buildSessionCookieString(SESSION_COOKIE_NAME, encodedCookieString, expiryDate);
+};
+var deleteSessionCookie = function deleteSessionCookie() {
+  var _getGlobals2 = config.getGlobals(),
+      SESSION_COOKIE_NAME = _getGlobals2.SESSION_COOKIE_NAME;
+
+  var expiryDate = new Date(0).toUTCString();
+  return buildSessionCookieString(SESSION_COOKIE_NAME, "", expiryDate);
+};
+var encodeCookieString = function encodeCookieString(str) {
+  return Buffer.from(str, "binary").toString("base64");
+};
+var decodeCookieString = function decodeCookieString(str) {
+  return Buffer.from(str, "base64").toString("binary");
+};
+var combineCookieStrings = function combineCookieStrings(accessToken, refreshToken, userId) {
+  var _getGlobals3 = config.getGlobals(),
+      SESSION_COOKIE_ACCESS_TOKEN_KEY = _getGlobals3.SESSION_COOKIE_ACCESS_TOKEN_KEY,
+      SESSION_COOKIE_REFRESH_TOKEN_KEY = _getGlobals3.SESSION_COOKIE_REFRESH_TOKEN_KEY,
+      SESSION_COOKIE_USER_ID_KEY = _getGlobals3.SESSION_COOKIE_USER_ID_KEY;
+
+  return "".concat(SESSION_COOKIE_ACCESS_TOKEN_KEY, "=").concat(accessToken, ";") + "".concat(SESSION_COOKIE_REFRESH_TOKEN_KEY, "=").concat(refreshToken, ";") + "".concat(SESSION_COOKIE_USER_ID_KEY, "=").concat(userId, ";");
+};
+
 exports.SessionCookieParseError = SessionCookieParseError;
 exports.SessionError = SessionError;
+exports.buildSessionCookieString = buildSessionCookieString;
+exports.combineCookieStrings = combineCookieStrings;
+exports.createSessionCookie = createSessionCookie;
+exports.decodeCookieString = decodeCookieString;
+exports.deleteSessionCookie = deleteSessionCookie;
+exports.encodeCookieString = encodeCookieString;

package.json

 {
   "name": "@paladen/sessions",
-  "version": "0.0.83",
+  "version": "0.0.84",
   "repository": "https://github.com/samstr/paladen",
@@ -18,8 +18,10 @@ "main": "dist/index.js",
   "dependencies": {
-    "@paladen/errors": "^0.0.83"
+    "@paladen/config": "^0.0.84",
+    "@paladen/errors": "^0.0.84"
   },
   "peerDependencies": {
-    "@paladen/errors": "^0.0.18"
+    "@paladen/config": "^0.0.83",
+    "@paladen/errors": "^0.0.83"
   },
-  "gitHead": "3eeaa68d6fc20af7b31f8735326aad66e831404f"
+  "gitHead": "95279e6576de89757b6d1b3001d81ed528fd13d7"
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7297

increased by80%

Lines of code

162

increased by57.28%

Worsened metrics

Dependency count

4

increased by100%

Number of low supply chain risk alerts

2

increased by100%

Dependency changes

• + Added@paladen/config@^0.0.84

• + Added@paladen/config@0.0.84(transitive)

• + Added@paladen/errors@0.0.84(transitive)

• - Removed@paladen/errors@0.0.83(transitive)

• Updated@paladen/errors@^0.0.84