tractatus/src/utils/jwt.util.js
TheFlow 47818bade1 feat: add governance document and core utilities
Core Values (TRA-VAL-0001):
- Adapt STR-VAL-0001 for Tractatus AI Safety Framework
- Define 6 core values: Sovereignty, Transparency, Harmlessness,
  Human Judgment Primacy, Community, Biodiversity
- Establish AI governance principles and decision framework
- Document Te Tiriti commitment as strategic baseline
- Create values alignment metrics and review process

Database Utilities:
- MongoDB connection with retry logic and health checks
- Singleton pattern for connection management
- Comprehensive error handling and reconnection

Logger Utility:
- Winston-based logging (console + file)
- Request logging middleware
- Error log separation
- Configurable log levels

JWT Utility:
- Token generation and verification
- Secure admin authentication
- Header extraction methods

Markdown Utility:
- Markdown to HTML conversion with syntax highlighting
- XSS protection via sanitization
- Table of contents extraction
- Front matter parsing
- Slug generation

Status: Core infrastructure utilities complete
2025-10-06 23:34:40 +13:00

58 lines
1.1 KiB
JavaScript

/**
* JWT Utility
* Token generation and verification for admin authentication
*/
const jwt = require('jsonwebtoken');
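/**
 * Resolve the HMAC signing secret from an environment-like object.
 *
 * The original fallback silently signed tokens with a publicly known
 * placeholder whenever JWT_SECRET was unset. Anyone who knows that string
 * can mint tokens that pass verification, so a production process refuses to
 * start without a real secret. Outside production the placeholder is kept
 * for local development, with a warning.
 *
 * NOTE(review): this relies on the deployment setting NODE_ENV=production,
 * which is not visible in this file — confirm against the deployment config.
 *
 * @param {Object<string, string|undefined>} env - Environment variables, normally process.env.
 * @returns {string} The secret used to sign and verify tokens.
 * @throws {Error} In production when JWT_SECRET is unset or still the placeholder.
 */
function resolveJwtSecret(env) {
  const placeholderSecret = 'CHANGE_THIS_IN_PRODUCTION';
  const configuredSecret = env.JWT_SECRET;
  const isUsable = Boolean(configuredSecret) && configuredSecret !== placeholderSecret;

  if (isUsable) {
    return configuredSecret;
  }
  if (env.NODE_ENV === 'production') {
    throw new Error('JWT_SECRET must be set to a strong, unique value in production');
  }
  // Development fallback only: tokens signed with this value are forgeable.
  console.warn('JWT_SECRET is not set; using an insecure development placeholder');
  return placeholderSecret;
}

const JWT_SECRET = resolveJwtSecret(process.env);
// Token lifetime passed to jsonwebtoken's `expiresIn`; defaults to seven days.
const JWT_EXPIRY = process.env.JWT_EXPIRY || '7d';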
/**
 * Sign a payload as a JWT for the admin audience.
 *
 * The token is issued by 'tractatus' for 'tractatus-admin' and expires after
 * JWT_EXPIRY. The payload is signed, not encrypted: anyone holding the token
 * can read its claims, so callers should keep secrets out of it.
 *
 * @param {Object} payload - Claims to embed in the token.
 * @returns {string} The signed token.
 */
function generateToken(payload) {
  const signOptions = {
    expiresIn: JWT_EXPIRY,
    issuer: 'tractatus',
    audience: 'tractatus-admin'
  };

  return jwt.sign(payload, JWT_SECRET, signOptions);
}
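/**
 * Verify a token's signature, expiry, issuer and audience.
 *
 * @param {string} token - The compact JWT to verify.
 * @returns {Object} The decoded payload of a valid token.
 * @throws {Error} "Invalid token: <reason>" when verification fails; the
 *   underlying jsonwebtoken error is attached as `cause`.
 */
function verifyToken(token) {
  try {
    return jwt.verify(token, JWT_SECRET, {
      // Pin the accepted algorithm instead of relying on library defaults.
      // generateToken signs with jsonwebtoken's default, HS256, so this keeps
      // the two in step and rejects tokens presenting any other `alg`.
      algorithms: ['HS256'],
      issuer: 'tractatus',
      audience: 'tractatus-admin'
    });
  } catch (error) {
    // Keep the original error reachable so callers and logs can tell an
    // expired token from a bad signature without parsing the message.
    throw new Error(`Invalid token: ${error.message}`, { cause: error });
  }
}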
/**
 * Decode a token's payload WITHOUT verifying it (debugging aid).
 *
 * jwt.decode checks neither the signature nor expiry, issuer or audience, so
 * the result is attacker-controlled for any token that did not come through
 * verifyToken. Never use it for authentication or authorization decisions.
 *
 * @param {string} token - The compact JWT to decode.
 * @returns {Object|string|null} The unverified payload, or null if the token cannot be decoded.
 */
function decodeToken(token) {
  const unverifiedClaims = jwt.decode(token);
  return unverifiedClaims;
}
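/**
 * Extract the bearer token from an Authorization header value.
 *
 * Returns null rather than throwing for anything that is not a well-formed
 * "Bearer <token>" string. That includes non-string values, which previously
 * raised a TypeError, and a header carrying an empty token, which previously
 * yielded ''.
 *
 * @param {*} authHeader - Raw Authorization header value from the request.
 * @returns {string|null} The token, or null when none is present.
 */
function extractTokenFromHeader(authHeader) {
  const scheme = 'Bearer ';

  // Header values come from the client; do not assume a string.
  if (typeof authHeader !== 'string' || !authHeader.startsWith(scheme)) {
    return null;
  }

  const token = authHeader.slice(scheme.length).trim();
  // An empty credential is the same as no credential.
  return token === '' ? null : token;
}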
// Public API of the JWT utility. decodeToken performs no verification and is
// exported for debugging only; authentication paths should use verifyToken.
module.exports = {
  generateToken: generateToken,
  verifyToken: verifyToken,
  decodeToken: decodeToken,
  extractTokenFromHeader: extractTokenFromHeader
};