Product
Introducing Ruby Support in Socket
Socket is launching Ruby support for all users. Enhance your Rails projects with AI-powered security scans for vulnerabilities and supply chain threats. Now in Beta!
As name suggests esat is token like jwt although it always encrypt the information in the token providing more security even on the most basic level. esat is also very easy & straight forward to work with.
Note : It is not a good practise to store user's password or any other confidential information in the esat (token) itself.
The tokens will be encrypted using AES hence providing a good level of encryption (will also depend on key strength).
If you need to use refresh tokens, the library provides a single unified solution by storing refresh token info inside the main token with refresh interval (more info below).
The whole library supports both callback as well as promises although the documentation will be in callback to target larger audience.
The encryption key must be 256bit (32 chars). Try to use random keygen to generate strong keys.
The time in the token will be milliseconds since epoch.
var esat = require('esat');
/*
- first parameter is option (required)
- second parameter is encryption key (required & must be 256 bit)
*/
esat.generate({}, key, function(err, result){
//err will be undefined incase of result
})
various error codes and their corresponding message / data is mentioned below.
generated esat will have
internally esat will contain the following parameters
options for generating esat (options parameter should be a json formatted object).
exp : 30000
esat.verify(esat,key,function(err, result){
// result will contain all the details mentioned above (internal parameters in esat)
});
various error codes and their corresponding message / data is mentioned below.
rtk
will be returned when a token is needed to be refreshed while verifying esat. You can use it to perform verification or any other thing you wish before reissuing esat.esat.refresh(token,key,function(err, token){
...
})
In case of any error following error object will be returned -
{
"code" : 1,
"message" : "..."
}
Note : In case of error 4 , additional rtk field with refresh token id will be returned.
Pull requests are always welcomed (kindly sign commits with GPG keys. THANKS)
ISC Licence
Copyright 2018-2019 Saksham (DawnImpulse)
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted,
provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE
OR PERFORMANCE OF THIS SOFTWARE.
FAQs
Encrypted & Secure Authentication Token
We found that esat demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket is launching Ruby support for all users. Enhance your Rails projects with AI-powered security scans for vulnerabilities and supply chain threats. Now in Beta!
Product
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
Product
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.