Val Town Code SearchReturn to Val Town

24 * Creates a complete browser-to-backend middleware chain per server.md specification.
25 *
26 * @returns {Array<(c: Context, next: Next) => unknown>} Array of middleware functions in execution order
27 */
28export function createBrowserMiddlewareChain(): Array<
29  MiddlewareHandler<{ Variables: HonoVariables }>
30> {
54 * @throws {Error} When middleware application fails
55 */
56export function applyBrowserMiddleware(
57  app: Hono<{ Variables: HonoVariables }>,
58  path: string = "/v1/*",

23 * Creates a complete backend-to-backend middleware chain.
24 */
25export function createBackendMiddlewareChain(): Array<
26  (c: Context, next: Next) => unknown
27> {
45 * Applies backend middleware chain to a Hono application.
46 */
47export function applyBackendMiddleware(
48  app: any, // Use any to avoid Hono type complexity
49  path: string = "/v1/*",

21 * Session-based authentication middleware (for orchestrator)
22 */
23export async function sessionAuthMiddleware(
24  c: Context<{ Variables: HonoVariables }>,
25  next: Next,
37 * Session-based authentication logic.
38 */
39export function applySessionAuth(
40  c: Context<{ Variables: HonoVariables }>,
41): AuthResult {

17 * OAuth authentication middleware
18 */
19export async function oauthAuthMiddleware(
20  c: Context<{ Variables: Variables }>,
21  next: () => Promise<void>,
38 * OAuth authentication logic (checks session for OAuth data)
39 */
40export function applyOAuthAuth(
41  c: Context<{ Variables: Variables }>,
42): AuthResult {
96 * Generate OAuth authorization URL
97 */
98export function generateOAuthUrl(provider: string, state: string): string | null {
99  const providerConfig =
100    AUTH_CONFIG.oauth.providers[provider as keyof typeof AUTH_CONFIG.oauth.providers];

17 * Creates a JWT token with the provided payload
18 */
19export async function createJWT(payload: AppJwtPayload): Promise<string> {
20  try {
21    const { iat: _iat, exp: _exp, ...restPayload } = payload;
41 * Verifies and decodes a JWT token
42 */
43export async function verifyAppJWT(
44  token: string,
45  customSecret?: string,
73 * JWT authentication logic
74 */
75export async function applyJwtAuth(
76  request: Request,
77  customSecret?: string,
166 * JWT Bearer token authentication middleware
167 */
168export async function jwtAuthMiddleware(
169  c: Context<{ Variables: HonoVariables }>,
170  next: Next,
197 * JWT-only middleware for endpoints that strictly require JWT authentication
198 */
199export function jwtOnlyMiddleware(customSecret?: string) {
200  return async (c: Context<{ Variables: HonoVariables }>, next: Next): Promise<Response | void> => {
201    const authResult = await applyJwtAuth(c.req.raw, customSecret);
227 * Creates a refresh token with extended expiry
228 */
229export async function createRefreshToken(payload: AppJwtPayload): Promise<string> {
230  try {
231    const { iat: _iat, exp: _exp, ...restPayload } = payload;
256 * Validates a refresh token and returns new access token
257 */
258export async function refreshAccessToken(
259  refreshTokenValue: string,
260): Promise<{ accessToken: string; refreshToken: string } | null> {

5import { internalJwtService } from "@/services/internalJWTService.ts"; // Adjust path if necessary
6
7export function createInternalAuthMiddleware() {
8  const internalJwtConfig = AUTH_CONFIG.jwt.INTERNAL;
9  if (!internalJwtConfig.enabled) {
75}
76
77export function requireInternalAuth(requiredScope?: string) {
78  return async (c: Context<{ Variables: HonoVariables }>, next: Next): Promise<Response | void> => {
79    const internalContext = c.get("internalAuth");

32 * Apply authentication based on method
33 */
34async function applyAuthMethod(
35  method: AuthMethod,
36  c: Context<{ Variables: HonoVariables }>,
94 * Multi-method authentication middleware
95 */
96export function createAuthMiddleware(options: AuthMiddlewareOptions = {}) {
97  const defaultAuthTypes: AuthMethod[] = [
98    AUTH_CONFIG.jwt.API.enabled && "jwt",
234
235/**
236 * Helper functions
237 */
238export function getAuthContext(c: Context<{ Variables: HonoVariables }>): AuthContext | undefined {
239  return c.get("auth");
240}
241
242export function isAuthenticated(c: Context<{ Variables: HonoVariables }>): boolean {
243  return !!c.get("auth");
244}
245
246export function getCurrentUserId(c: Context<{ Variables: HonoVariables }>): string | undefined {
247  const auth = c.get("auth");
248  return auth?.userId || auth?.user;
249}
250
251export function getCurrentUserEmail(c: Context<{ Variables: HonoVariables }>): string | undefined {
252  const auth = c.get("auth");
253  return auth?.email;
254}
255
256export function hasScope(c: Context<{ Variables: HonoVariables }>, scope: string): boolean {
257  const auth = c.get("auth");
258  return auth?.scopes?.includes(scope) || false;
259}
260
261export function hasPermission(
262  c: Context<{ Variables: HonoVariables }>,
263  permission: string,
267}
268
269export function getAuthMethod(c: Context<{ Variables: HonoVariables }>): AuthMethod | undefined {
270  const auth = c.get("auth");
271  return auth?.type;
273
274/**
275 * Shorthand functions for specific auth requirements
276 */
277export const requireJWT = createAuthMiddleware({ methods: ["jwt"] });

50 * Basic Auth authentication logic for the authentication orchestrator
51 */
52export async function applyBasicAuth(
53  c: Context<{ Variables: HonoVariables }>,
54): Promise<AuthResult> {
171 * Basic Auth authentication middleware for the orchestrator
172 */
173export async function basicAuthMiddleware(
174  c: Context<{ Variables: HonoVariables }>,
175  next: () => Promise<void>,
413
414/**
415 * Utility function to hash passwords using bcrypt
416 */
417export const hashPassword = async (password: string, saltRounds = 12): Promise<string> => {

15 * Validates API key against configured valid keys
16 */
17export function validateApiKey(apiKey: string): boolean {
18  if (!apiKey) return false;
19
27 * Validates internal API key for server-to-server communication
28 */
29export function validateInternalApiKey(apiKey: string): boolean {
30  return apiKey === AUTH_CONFIG.methods.API_KEY.keys.internal;
31}
34 * Validates webhook secret for webhook authentication
35 */
36export function validateWebhookSecret(secret: string): boolean {
37  return secret === AUTH_CONFIG.methods.API_KEY.keys.webhook;
38}
41 * Validates service-to-service API key
42 */
43export function validateServiceKey(serviceKey: string): boolean {
44  return serviceKey === AUTH_CONFIG.methods.API_KEY.keys.serviceToService;
45}
48 * API Key authentication middleware
49 */
50export async function apiKeyAuthMiddleware(
51  c: Context<{ Variables: Variables }>,
52  next: () => Promise<void>,
80 * API Key authentication logic
81 */
82export function applyApiKeyAuth(request: Request): AuthResult {
83  const apiKeyConfig = AUTH_CONFIG.methods.API_KEY;
84

1/**
2 * JWT authentication middleware for Hono-based API server.
3 * Provides JWT token creation, verification, and middleware functions.
4 */
5
21 * @returns A string representation of the error message
22 */
23function getErrorMessage(error: unknown): string {
24  if (error instanceof Error) {
25    return error.message;
40 * const token = await createJWT({ sub: 'user123', email: 'user@example.com' });
41 */
42export async function createJWT(payload: AppJwtPayload): Promise<string> {
43  try {
44    const { iat: _iat, exp: _exp, ...restPayload } = payload;
67 * @returns Promise resolving to decoded payload or null if invalid
68 */
69export async function verifyAppJWT(
70  token: string,
71  customSecret?: string,
106 * @returns Promise resolving to authentication result
107 */
108export async function applyJwtAuth(
109  request: Request,
110  customSecret?: string,
199 * JWT Bearer token authentication middleware
200 */
201export async function jwtAuthMiddleware(
202  c: Context<{ Variables: HonoVariables }>,
203  next: Next,
230 * JWT-only middleware for endpoints that strictly require JWT authentication
231 */
232export function jwtOnlyMiddleware(customSecret?: string) {
233  return async (c: Context<{ Variables: HonoVariables }>, next: Next): Promise<Response | void> => {
234    const authResult = await applyJwtAuth(c.req.raw, customSecret);
260 * Creates a refresh token with extended expiry
261 */
262export async function createRefreshToken(payload: AppJwtPayload): Promise<string> {
263  try {
264    const { iat: _iat, exp: _exp, ...restPayload } = payload;
291 * @returns Promise resolving to new token pair or null if invalid
292 */
293export async function refreshAccessToken(
294  refreshTokenValue: string,
295): Promise<{ accessToken: string; refreshToken: string } | null> {