feat: jwt sign ok

Author: AkaraChen

src/api.jwt.ts

@@ -0,0 +1,59 @@
+import { Hono } from "hono";
+import { Context } from "hono";
+import { createJWT, JWTPayload } from "./api.admin.ts";
+
+// Localhost-only middleware
+const localhostOnly = async (c: Context, next: () => Promise<void>) => {
+  const clientIP = c.req.header("x-forwarded-for") || c.req.header("x-real-ip") || "127.0.0.1";
+  const allowedIPs = ["127.0.0.1", "::1", "localhost"];
+
+  if (!allowedIPs.includes(clientIP)) {
+    return c.json({ error: "Access denied. Only localhost is allowed." }, 403);
+  }
+
+  await next();
+};
+
+// Generate expiration time (24 hours from now)
+function generateExpiration(): number {
+  const now = Math.floor(Date.now() / 1000);
+  return now + (24 * 60 * 60); // 24 hours
+}
+
+// Generate a default user ID
+function generateUserId(): string {
+  return `user_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+}
+
+export function setupJWTRoutes() {
+  const app = new Hono();
+
+  // Simple JWT creation - no parameters needed
+  app.all("/create", localhostOnly, async (c: Context) => {
+    try {
+      const payload: JWTPayload = {
+        sub: generateUserId(),
+        exp: generateExpiration(),
+        iat: Math.floor(Date.now() / 1000), // issued at
+        type: "access",
+        scope: "full",
+      };
+
+      const token = await createJWT(payload);
+      return c.json({
+        token,
+        payload,
+        expires_in: 24 * 60 * 60, // 24 hours in seconds
+        expires_at: new Date(payload.exp * 1000).toISOString(),
+      }, 200);
+    } catch (error) {
+      console.error("JWT creation error:", error);
+      return c.json({
+        error: "Failed to create JWT",
+        message: error instanceof Error ? error.message : String(error),
+      }, 500);
+    }
+  });
+
+  return app;
+}

src/nanoedge.ts

@@ -12,7 +12,8 @@ import {
   stopAllServices,
 } from "./managers/service-manager.ts";
 import { setupApiRoutes, setupDocsRoutes } from "./api.service.ts";
-import { createJWT, JWTPayload, setupAdminAPIRoutes } from "./api.admin.ts";
+import { setupAdminAPIRoutes } from "./api.admin.ts";
+import { setupJWTRoutes } from "./api.jwt.ts";
 import { Context } from "hono";
 import openapi from "./openapi.ts";
 import { setupFunctionAPIRoutes } from "./api.function.ts";
@@ -31,18 +32,6 @@ export async function createNanoEdgeRT(
   app.use("*", cors());
   app.use("*", logger());
 
-  // Localhost-only middleware
-  const localhostOnly = async (c: Context, next: () => Promise<void>) => {
-    const clientIP = c.req.header("x-forwarded-for") || c.req.header("x-real-ip") || "127.0.0.1";
-    const allowedIPs = ["127.0.0.1", "::1", "localhost"];
-
-    if (!allowedIPs.includes(clientIP)) {
-      return c.json({ error: "Access denied. Only localhost is allowed." }, 403);
-    }
-
-    await next();
-  };
-
   const status = (c: Context) => {
     const now = new Date();
     const upTimeMs = now.getTime() - new Date(startTime).getTime();
@@ -67,42 +56,12 @@ export async function createNanoEdgeRT(
   app.get("/status", status);
   app.get("/static/*", serveStatic({ root: "./" }));
 
-  // JWT creation API - localhost only
-  app.post("/jwt/create", localhostOnly, async (c: Context) => {
-    try {
-      const body = await c.req.json();
-      const { sub, exp, ...additionalClaims } = body;
-
-      if (!sub || !exp) {
-        return c.json({
-          error: "Missing required fields: 'sub' (subject) and 'exp' (expiration)",
-        }, 400);
-      }
-
-      const payload: JWTPayload = {
-        sub,
-        exp,
-        ...additionalClaims,
-      };
-
-      const token = await createJWT(payload);
-      return c.json({
-        token,
-        payload,
-      }, 200);
-    } catch (error) {
-      console.error("JWT creation error:", error);
-      return c.json({
-        error: "Failed to create JWT",
-        message: error instanceof Error ? error.message : String(error),
-      }, 500);
-    }
-  });
-
   app.route("/api/docs", setupDocsRoutes(serviceManagerState));
   app.route("/api/v2", setupApiRoutes(serviceManagerState));
   app.route("/functions/v2", setupFunctionAPIRoutes(dbContext));
   app.route("/admin-api/v2", setupAdminAPIRoutes(dbContext));
+  app.route("/jwt", setupJWTRoutes());
+
   const abortController = new AbortController();
   return [app, dbContext.config?.main_port || 8000, abortController, serviceManagerState];
 }