| var assert = require('assert') |
| var jws = require('jws') |
| var _ = require('lodash') |
| |
| module.exports.encode = function(options) { |
| assert.ok(options.payload, 'payload required') |
| assert.ok(options.secret, 'secret required') |
| |
| var header = { |
| alg: 'HS256' |
| } |
| |
| if (options.header) { |
| header = _.merge(header, options.header) |
| } |
| |
| return jws.sign({ |
| header: header |
| , payload: options.payload |
| , secret: options.secret |
| }) |
| } |
| |
| module.exports.decode = function(payload, secret) { |
| if (!jws.verify(payload, 'HS256', secret)) { |
| return null |
| } |
| |
| var decoded = jws.decode(payload, { |
| json: true |
| }) |
| var exp = decoded.header.exp |
| |
| if (exp && exp <= Date.now()) { |
| return null |
| } |
| |
| return decoded.payload |
| } |