gahusb/jaengseung-made
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
03340c64a607c59b31159ebeb1a431b038dac2bd
jaengseung-made/lib/admin-auth.ts
gahusb 03340c64a6 feat: /portfolio/[token] 공유 URL + /admin/hidden 관리자 대시보드 
- lib/admin-auth: HMAC 서명 포트폴리오 토큰 발급/검증 (1~365일)
- /api/admin/portfolio-token: 관리자 쿠키 인증 후 토큰 발급
- /portfolio/[token]: 위시캣 제출용 게이트웨이 (noindex, 만료 시 404)
- /admin/hidden: 숨김 페이지 바로가기 + 토큰 발급 UI

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-15 01:01:24 +09:00

78 lines
2.6 KiB
TypeScript
Raw Blame History

import { createHmac } from 'crypto';
const TOKEN_TTL = 24 * 60 * 60 * 1000; // 24시간
export function createAdminToken(): string {
const secret = process.env.ADMIN_JWT_SECRET!;
const payload = JSON.stringify({ iat: Date.now(), exp: Date.now() + TOKEN_TTL });
const encoded = Buffer.from(payload).toString('base64url');
const sig = createHmac('sha256', secret).update(encoded).digest('base64url');
return `${encoded}.${sig}`;
}
export function verifyAdminTokenNode(token: string): boolean {
try {
const secret = process.env.ADMIN_JWT_SECRET;
if (!secret) return false;
const [encoded, sig] = token.split('.');
if (!encoded || !sig) return false;
const expected = createHmac('sha256', secret).update(encoded).digest('base64url');
if (sig !== expected) return false;
const { exp } = JSON.parse(Buffer.from(encoded, 'base64url').toString());
return Date.now() < exp;
} catch {
return false;
}
}
export function checkAdminCredentials(id: string, password: string): boolean {
const adminId = process.env.ADMIN_ID;
const adminPassword = process.env.ADMIN_PASSWORD;
if (!adminId || !adminPassword) return false;
return id === adminId && password === adminPassword;
}
/* ─── 포트폴리오 공유 토큰 (위시캣 등 외부 제출용) ──────────────── */
export interface PortfolioTokenPayload {
kind: 'portfolio';
memo: string;
iat: number;
exp: number;
}
export function createPortfolioToken(memo: string, ttlDays = 30): string {
const secret = process.env.ADMIN_JWT_SECRET!;
const now = Date.now();
const payload: PortfolioTokenPayload = {
kind: 'portfolio',
memo: memo.slice(0, 100),
iat: now,
exp: now + ttlDays * 24 * 60 * 60 * 1000,
};
const encoded = Buffer.from(JSON.stringify(payload)).toString('base64url');
const sig = createHmac('sha256', secret).update(encoded).digest('base64url');
return `${encoded}.${sig}`;
}
export function verifyPortfolioTokenNode(
token: string
): PortfolioTokenPayload | null {
try {
const secret = process.env.ADMIN_JWT_SECRET;
if (!secret) return null;
const [encoded, sig] = token.split('.');
if (!encoded || !sig) return null;
const expected = createHmac('sha256', secret).update(encoded).digest('base64url');
if (sig !== expected) return null;
const payload = JSON.parse(
Buffer.from(encoded, 'base64url').toString()
) as PortfolioTokenPayload;
if (payload.kind !== 'portfolio') return null;
if (Date.now() >= payload.exp) return null;
return payload;
} catch {
return null;
}
}
Reference in New Issue View Git Blame Copy Permalink