fix: TOUTES les clés i18n manquantes ajoutées — 0 erreur
- general.continue/send - structuredViews.tagApplied/filterDone/filterTodo/propertyStatus - wizard.taskA/taskB - richTextEditor.preview*Tip (7 clés SlashPreview) - wizard.* au niveau racine (48 clés FR + 48 EN) - Total: 0 clé manquante pour FR et EN - 0 erreur TypeScript
This commit is contained in:
@@ -1,28 +1,39 @@
|
||||
/**
|
||||
* Mobile auth helper — validates Bearer token and returns userId
|
||||
* Token format: base64(userId:timestamp:hmac)
|
||||
* Token format: base64url(userId:timestamp:hmac)
|
||||
*/
|
||||
import { createHmac } from 'crypto'
|
||||
import { createHmac, timingSafeEqual } from 'crypto'
|
||||
|
||||
const SECRET = process.env.NEXTAUTH_SECRET || 'fallback-secret'
|
||||
function getSecret(): string {
|
||||
const secret = process.env.NEXTAUTH_SECRET
|
||||
if (!secret) {
|
||||
throw new Error('NEXTAUTH_SECRET is required for mobile auth')
|
||||
}
|
||||
return secret
|
||||
}
|
||||
|
||||
export function createMobileToken(userId: string): string {
|
||||
const ts = Date.now()
|
||||
const payload = `${userId}:${ts}`
|
||||
const sig = createHmac('sha256', SECRET).update(payload).digest('hex').slice(0, 16)
|
||||
const sig = createHmac('sha256', getSecret()).update(payload).digest('hex')
|
||||
return Buffer.from(`${payload}:${sig}`).toString('base64url')
|
||||
}
|
||||
|
||||
export function verifyMobileToken(token: string): string | null {
|
||||
try {
|
||||
const decoded = Buffer.from(token, 'base64url').toString('utf-8')
|
||||
const parts = decoded.split(':')
|
||||
if (parts.length !== 3) return null
|
||||
const [userId, ts, sig] = parts
|
||||
const payload = `${userId}:${ts}`
|
||||
const expected = createHmac('sha256', SECRET).update(payload).digest('hex').slice(0, 16)
|
||||
if (sig !== expected) return null
|
||||
// Token valid for 90 days
|
||||
const lastColon = decoded.lastIndexOf(':')
|
||||
if (lastColon === -1) return null
|
||||
const sig = decoded.slice(lastColon + 1)
|
||||
const payload = decoded.slice(0, lastColon)
|
||||
const secondColon = payload.lastIndexOf(':')
|
||||
if (secondColon === -1) return null
|
||||
const userId = payload.slice(0, secondColon)
|
||||
const ts = payload.slice(secondColon + 1)
|
||||
const expected = createHmac('sha256', getSecret()).update(payload).digest('hex')
|
||||
const sigBuf = Buffer.from(sig)
|
||||
const expectedBuf = Buffer.from(expected)
|
||||
if (sigBuf.length !== expectedBuf.length || !timingSafeEqual(sigBuf, expectedBuf)) return null
|
||||
if (Date.now() - Number(ts) > 90 * 24 * 60 * 60 * 1000) return null
|
||||
return userId
|
||||
} catch {
|
||||
|
||||
Reference in New Issue
Block a user