npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

nuabase-server-sdk

v0.1.0

Published

Nuabase Server SDK to create short-lived JWT tokens for direct front-end LLM calls

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jasimabjasimab

Keywords

typescriptnuabaseaillm

Readme

Nuabase Server SDK

Nuabase turns LLM prompts into type-safe functions and allows you to call them directly from your front-end. Set up your free account now at Nuabase.

This is the Server SDK (Node.js) intended only to generate short-lived JWT tokens, to be passed to the Nuabase front-end SDK. With this you can make authenticated LLM requests directly from your front-end.

Installation

Install the package:

npm install nuabase-server-sdk
# or
yarn add nuabase-server-sdk

Usage

Prerequisites

Obtain a Signing Key Secret from the Nuabase Console.

This key is a secret and must be stored securely on your backend server. It must not be exposed to the client-side code. We recommend storing it as an environment variable named NUABASE_SIGNING_KEY_SECRET.

The Signing Key Secret is used by your backend to generate short-lived JWT tokens via this SDK.

Basic Usage

import { NuaTokenGenerator } from 'nuabase-server-sdk';

// Initialize the generator with your signing key secret and the user ID
const generator = new NuaTokenGenerator({
  signingKeySecret: process.env.NUABASE_SIGNING_KEY_SECRET!,
  userId: 'user_123', // The ID of the user in your system
});

// Generate the token
const tokenData = generator.generate();

// tokenData contains:
// {
//   access_token: "eyJhbGci...",
//   expires_in: 180,
//   expires_at: 1732398765
// }
console.log(tokenData.access_token);

Express Integration

You can integrate Nuabase into your Express application by creating an endpoint to serve the token.

  1. Create a route (e.g., POST /.well-known/nuabase/token).
  2. IMPORTANT: This endpoint MUST be authenticated. You must verify the user's identity before generating a token. Do not expose this endpoint publicly without authentication.
import express from 'express';
import { NuaTokenGenerator } from 'nuabase-server-sdk';

const app = express();
app.use(express.json());

// Mock authentication middleware
const authenticateUser = (req, res, next) => {
  // Your authentication logic here
  req.user = { id: 'user_123' };
  next();
};

app.post('/.well-known/nuabase/token', authenticateUser, (req, res) => {
  try {
    const generator = new NuaTokenGenerator({
      signingKeySecret: process.env.NUABASE_SIGNING_KEY_SECRET!,
      userId: req.user.id,
    });

    const token = generator.generate();
    res.json(token);
  } catch (error) {
    console.error(error);
    res.status(500).json({ error: 'Failed to generate token' });
  }
});

app.listen(3000, () => console.log('Server running on port 3000'));

Workflow

The typical workflow is:

  1. Expose an endpoint on your backend (e.g., POST /.well-known/nuabase/token).
  2. IMPORTANT: This endpoint MUST be authenticated.
  3. Your frontend, loaded by an authenticated user, calls this endpoint.
  4. Your backend uses the nuabase-server-sdk SDK to generate a token for that specific user.
  5. The frontend receives the token and uses it to directly make authenticated LLM calls to the Nuabase server, using the Nuabase Client SDK.

Token Expiration and Automatic Refresh

Tokens expire after 180 seconds by default. You can override the TTL by passing expirySeconds when instantiating NuaTokenGenerator:

const generator = new NuaTokenGenerator({
  signingKeySecret: process.env.NUABASE_SIGNING_KEY_SECRET!,
  userId: 'user_123',
  expirySeconds: 300, // token will last for 5 minutes
});

Keep the expiration short to prevent abuse of leaked tokens. The Nuabase Client SDK will automatically refresh the token when it expires.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/nuabase/ts-server

License

MIT