server: strictly validate auth token payload

2026-06-08 12:42:41 +00:00 · 2021-01-26 08:33:18 +08:00
parent 2daa77e883
commit 53c0b3f863
2 changed files with 23 additions and 12 deletions
@@ -1,4 +1,4 @@
-import {literal, nativeEnum, object, string, union} from 'zod';
+import {literal, nativeEnum, number, object, string, union} from 'zod';
 import type {infer as zodInfer} from 'zod';

 import {AccessLevel} from './constants/Auth';
@@ -18,3 +18,13 @@ export const credentialsSchema = object({
 export type Credentials = zodInfer<typeof credentialsSchema>;

 export type UserInDatabase = Required<Credentials> & {_id: string};
+
+export const authTokenSchema = object({
+  username: string(),
+  // issued at
+  iat: number(),
+  // expiration
+  exp: number(),
+});
+
+export type AuthToken = zodInfer<typeof authTokenSchema>;