@aintechcorporation/auth
v1.0.0
Published
AINTECH auth library - JWT, TOTP, magic link, middleware
Maintainers
Readme
@aintech/auth
Shared authentication library based on aina-auth (JWT HS256, TOTP MFA, magic-link).
Install
npm install @aintech/authUsage
import { signJWT, verifyJWT, issueTokens } from '@aintech/auth';
const tokens = issueTokens({ sub: 'user123' }, process.env.JWT_SECRET);
// { accessToken, refreshToken, tokenType, expiresIn }API
JWT
signJWT(payload, secret, opts?)— sign HS256 tokenverifyJWT(token, secret)— verify and decodeissueTokens(claims, secret)— access + refresh pairrefresh(refreshToken, secret, claimsLookup?)— rotate refresh
TOTP MFA
generateTOTPSecret(len?)— RFC 6238 base32 secrettotp(secret, opts?)— generate TOTP codeverifyTOTP(secret, token, opts?)— verify with ±1 step windowotpauthURL(secret, opts?)— QR code URL for authenticator apps
Magic Link
createMagicToken(email, secret, ttlSec?)— generate magic link tokenverifyMagicToken(token, secret)— verify magic link
Middleware (Express/Fastify compatible)
requireAuth(secret, opts?)— protect routes with JWT BearerrequireRole(...roles)— role-based access guard
