nuabase-server-sdk

Nuabase Server SDK

Nuabase turns LLM prompts into type-safe functions and allows you to call them directly from your front-end. Set up your free account now at Nuabase.

This is the Server SDK (Node.js) intended only to generate short-lived JWT tokens, to be passed to the Nuabase front-end SDK. With this you can make authenticated LLM requests directly from your front-end.

Installation

Install the package:

npm install nuabase-server-sdk
# or
yarn add nuabase-server-sdk

Usage

Prerequisites

Obtain a Signing Key Secret from the Nuabase Console.

This key is a secret and must be stored securely on your backend server. It must not be exposed to the client-side code. We recommend storing it as an environment variable named NUABASE_SIGNING_KEY_SECRET.

The Signing Key Secret is used by your backend to generate short-lived JWT tokens via this SDK.

Basic Usage

import { NuaTokenGenerator } from 'nuabase-server-sdk';

// Initialize the generator with your signing key secret and the user ID
const generator = new NuaTokenGenerator({
  signingKeySecret: process.env.NUABASE_SIGNING_KEY_SECRET!,
  userId: 'user_123', // The ID of the user in your system
});

// Generate the token
const tokenData = generator.generate();

// tokenData contains:
// {
//   access_token: "eyJhbGci...",
//   expires_in: 180,
//   expires_at: 1732398765
// }
console.log(tokenData.access_token);

Express Integration

You can integrate Nuabase into your Express application by creating an endpoint to serve the token.

• Create a route (e.g., POST /.well-known/nuabase/token).
• IMPORTANT: This endpoint MUST be authenticated. You must verify the user's identity before generating a token. Do not expose this endpoint publicly without authentication.

import express from 'express';
import { NuaTokenGenerator } from 'nuabase-server-sdk';

const app = express();
app.use(express.json());

// Mock authentication middleware
const authenticateUser = (req, res, next) => {
  // Your authentication logic here
  req.user = { id: 'user_123' };
  next();
};

app.post('/.well-known/nuabase/token', authenticateUser, (req, res) => {
  try {
    const generator = new NuaTokenGenerator({
      signingKeySecret: process.env.NUABASE_SIGNING_KEY_SECRET!,
      userId: req.user.id,
    });

    const token = generator.generate();
    res.json(token);
  } catch (error) {
    console.error(error);
    res.status(500).json({ error: 'Failed to generate token' });
  }
});

app.listen(3000, () => console.log('Server running on port 3000'));

Workflow

The typical workflow is:

• Expose an endpoint on your backend (e.g., POST /.well-known/nuabase/token).
• IMPORTANT: This endpoint MUST be authenticated.
• Your frontend, loaded by an authenticated user, calls this endpoint.
• Your backend uses the nuabase-server-sdk SDK to generate a token for that specific user.
• The frontend receives the token and uses it to directly make authenticated LLM calls to the Nuabase server, using the Nuabase Client SDK.

Token Expiration and Automatic Refresh

Tokens expire after 180 seconds by default. You can override the TTL by passing expirySeconds when instantiating NuaTokenGenerator:

const generator = new NuaTokenGenerator({
  signingKeySecret: process.env.NUABASE_SIGNING_KEY_SECRET!,
  userId: 'user_123',
  expirySeconds: 300, // token will last for 5 minutes
});

Keep the expiration short to prevent abuse of leaked tokens. The Nuabase Client SDK will automatically refresh the token when it expires.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/nuabase/ts-server

License

MIT