(payload: UploadTokenPayload, expiresInSeconds = 60 * 60)
| 33 | * Used to prevent IDOR on multipart upload follow-up calls (get-part-urls, complete, abort). |
| 34 | */ |
| 35 | export function signUploadToken(payload: UploadTokenPayload, expiresInSeconds = 60 * 60): string { |
| 36 | const signed: SignedPayload = { |
| 37 | ...payload, |
| 38 | exp: Math.floor(Date.now() / 1000) + expiresInSeconds, |
| 39 | v: 1, |
| 40 | } |
| 41 | const encoded = toBase64Url(JSON.stringify(signed)) |
| 42 | return `${encoded}.${sign(encoded)}` |
| 43 | } |
| 44 | |
| 45 | export type UploadTokenVerification = |
| 46 | | { valid: true; payload: UploadTokenPayload } |
no test coverage detected