const fs = require('fs');
const path = require('path');
const jwt = require('jsonwebtoken');
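/**
 * Resolve the HMAC secret that signToken passes to jwt.sign for HS256.
 *
 * The built-in fallback is a fixed string that ships with the source, so any
 * token signed with it can be forged by anyone who has read this file. It is
 * kept for local development only: when NODE_ENV is "production" and no
 * secret is configured, resolution fails instead of falling back.
 *
 * @param {Record<string, string | undefined>} env - Environment variables to read.
 * @returns {string} The configured secret, or the development fallback.
 * @throws {Error} If NODE_ENV is "production" and JWT_SECRET is unset or empty.
 */
function resolveJwtSecret(env) {
  const configured = env.JWT_SECRET;
  if (configured) {
    return configured;
  }
  if (env.NODE_ENV === 'production') {
    throw new Error('JWT_SECRET must be set when NODE_ENV is "production"');
  }
  // Development-only fallback; the literal reads "dev secret, do not use in production".
  return 'dev-secret-ne-koristiti-u-produkciji';
}

const JWT_SECRET = resolveJwtSecret(process.env);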
/**
 * Build the path of private.pem, located one directory above this module.
 *
 * The file at this path is the signing key named in the RS256 TODO in
 * signToken; it should stay out of version control and be readable only by
 * the account that runs the service.
 *
 * @returns {string} Path to private.pem in the parent directory.
 */
function privateKeyPath() {
  const segments = [__dirname, '..', 'private.pem'];
  return path.join(...segments);
}
/**
 * Build the path of public.pem, located one directory above this module.
 *
 * @returns {string} Path to public.pem in the parent directory.
 */
function publicKeyPath() {
  const segments = [__dirname, '..', 'public.pem'];
  return path.join(...segments);
}
/**
 * Issue a signed JWT for a user.
 *
 * The token carries the user's id as `sub`, plus `username` and `role`, and
 * expires 15 minutes after issuance. It is currently signed with HS256 using
 * the shared JWT_SECRET, so every party able to verify a token can also mint one.
 *
 * @param {{ id: *, username: *, role: * }} user - Source of the claims.
 * @returns {string} The value returned by jwt.sign.
 */
function signToken(user) {
  const { id, username, role } = user;
  const claims = { sub: id, username, role };

  // TODO Z1.4:
  // Replace the symmetric HS256 signing with asymmetric RS256 signing.
  // 1. Generate api/private.pem and api/public.pem.
  // 2. Use fs.readFileSync(privateKeyPath()) instead of JWT_SECRET.
  // 3. Change algorithm from HS256 to RS256.
  // NOTE(review): verification code is not in this file; after the switch it
  // should accept RS256 only, so a token cannot choose its own algorithm.
  const signOptions = {
    algorithm: 'HS256',
    expiresIn: '15m',
  };

  return jwt.sign(claims, JWT_SECRET, signOptions);
}
/**
 * Accessor for the public key location; delegates to publicKeyPath().
 *
 * @returns {string} Whatever publicKeyPath() returns.
 */
function getPublicKeyPath() {
  const keyPath = publicKeyPath();
  return keyPath;
}
module.exports = { signToken, getPublicKeyPath, privateKeyPath, publicKeyPath };