fix: reduce token lengths

Author: KernelDeimos

packages/backend/src/services/auth/AuthService.js

@@ -39,6 +39,12 @@ class AuthService extends BaseService {
         this.svc_session = await this.services.get('session');
 
         this.sessions = {};
+
+        const svc_token = await this.services.get('token');
+        this.modules.jwt = {
+            sign: (payload, _, options) => svc_token.sign('auth', payload, options),
+            verify: (token, _) => svc_token.verify('auth', token),
+        };
     }
 
     async authenticate_from_token (token) {
@@ -229,7 +235,7 @@ class AuthService extends BaseService {
             type: 'session',
             version: '0.0.0',
             uuid: session.uuid,
-            meta: session.meta,
+            // meta: session.meta,
             user_uid: user.uuid,
         }, this.global_config.jwt_secret);
 

packages/backend/src/services/auth/TokenService.js

@@ -25,9 +25,38 @@ defv = o => {
     };
 };
 
+const uuid_compression = {
+    encode: v => {
+        const undecorated = v.replace(/-/g, "");
+        const base64 = Buffer
+            .from(undecorated, 'hex')
+            .toString('base64');
+        return base64;
+    },
+    decode: v => {
+        // if already a uuid, return that
+        if ( v.includes('-') ) return v;
+
+        const undecorated = Buffer
+            .from(v, 'base64')
+            .toString('hex');
+        return [
+            undecorated.slice(0, 8),
+            undecorated.slice(8, 12),
+            undecorated.slice(12, 16),
+            undecorated.slice(16, 20),
+            undecorated.slice(20),
+        ].join('-');
+    }
+};
+
 const compression = {
     auth: def({
-        uuid: 'u',
+        uuid: {
+            short: 'u',
+            ...uuid_compression,
+        },
+        version: 'v',
         type: {
             short: 't',
             values: defv({
@@ -36,8 +65,14 @@ const compression = {
                 'app-under-user': 'au',
             }),
         },
-        user_uid: 'uu',
-        app_uid: 'au',
+        user_uid: {
+            short: 'uu',
+            ...uuid_compression,
+        },
+        app_uid: {
+            short: 'au',
+            ...uuid_compression,
+        },
     }),
 };
 
@@ -76,6 +111,8 @@ class TokenService extends BaseService {
         const context = this.compression[scope];
         const payload = jwt.verify(token, secret);
 
+        console.log('payloda', payload)
+
         return this._decompress_payload(context, payload);
     }
 
@@ -96,6 +133,8 @@ class TokenService extends BaseService {
             if ( compress_info.short ) k = compress_info.short;
             if ( compress_info.values && compress_info.values.to_short[v] ) {
                 v = compress_info.values.to_short[v];
+            } else if ( compress_info.encode ) {
+                v = compress_info.encode(v);
             }
 
             compressed[k] = v;
@@ -124,6 +163,8 @@ class TokenService extends BaseService {
             if ( compress_info.short ) k = fullkey;
             if ( compress_info.values && compress_info.values.to_long[v] ) {
                 v = compress_info.values.to_long[v];
+            } else if ( compress_info.decode ) {
+                v = compress_info.decode(v);
             }
 
             decompressed[k] = v;
@@ -133,38 +174,49 @@ class TokenService extends BaseService {
     }
 
     _test ({ assert }) {
+        const U1 = '843f1d83-3c30-48c7-8964-62aff1a912d0';
+        const U2 = '42e9c36b-8a53-4c3e-8e18-fe549b10a44d';
+        const U3 = 'c22ef816-edb6-47c5-8c41-31c6520fa9e6';
         // Test compression
         {
             const context = this.compression.auth;
             const payload = {
-                uuid: '123',
+                uuid: U1,
                 type: 'session',
-                user_uid: '456',
-                app_uid: '789',
+                user_uid: U2,
+                app_uid: U3,
             };
 
             const compressed = this._compress_payload(context, payload);
-            assert(() => compressed.u === '123');
+            assert(() => compressed.u === uuid_compression.encode(U1));
             assert(() => compressed.t === 's');
-            assert(() => compressed.uu === '456');
-            assert(() => compressed.au === '789');
+            assert(() => compressed.uu === uuid_compression.encode(U2));
+            assert(() => compressed.au === uuid_compression.encode(U3));
         }
 
         // Test decompression
         {
             const context = this.compression.auth;
             const payload = {
-                u: '123',
+                u: uuid_compression.encode(U1),
                 t: 's',
-                uu: '456',
-                au: '789',
+                uu: uuid_compression.encode(U2),
+                au: uuid_compression.encode(U3),
             };
 
             const decompressed = this._decompress_payload(context, payload);
-            assert(() => decompressed.uuid === '123');
+            assert(() => decompressed.uuid === U1);
             assert(() => decompressed.type === 'session');
-            assert(() => decompressed.user_uid === '456');
-            assert(() => decompressed.app_uid === '789');
+            assert(() => decompressed.user_uid === U2);
+            assert(() => decompressed.app_uid === U3);
+        }
+
+        // Test UUID preservation
+        {
+            const payload = { uuid: U1 };
+            const compressed = this._compress_payload(this.compression.auth, payload);
+            const decompressed = this._decompress_payload(this.compression.auth, compressed);
+            assert(() => decompressed.uuid === U1);
         }
     }
 }