lobe-chat
1import { importJWK, jwtVerify } from 'jose';
2
3import {
4JWTPayload,
5JWT_SECRET_KEY,
6NON_HTTP_PREFIX,
7} from '@/const/auth';
8
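/**
 * Extracts the payload from an auth token.
 *
 * Two paths exist:
 * - Tokens that start with `NON_HTTP_PREFIX` are base64-decoded and JSON-parsed
 *   directly. No signature is verified and no expiry is checked on this path.
 * - All other tokens are verified with `jwtVerify` against an HS256 key built
 *   from the SHA-256 digest of `JWT_SECRET_KEY`.
 *
 * SECURITY: the prefixed path returns sender-controlled claims. Callers must
 * not treat a payload obtained through it as authenticated or authorized;
 * any access decision needs a separate check. The original author already
 * marks this path as a hack to be replaced (see the PR referenced below).
 *
 * @param token - Raw token string taken from the request.
 * @returns The decoded payload.
 * @throws Error when a prefixed token has no payload segment or its payload is
 *   not a JSON object; decoding, parsing and `jwtVerify` errors propagate as-is.
 */
export const getJWTPayload = async (token: string): Promise<JWTPayload> => {
  // If the request was initiated over plain HTTP, parse the token directly.
  // This is a very hacky workaround; a better solution should replace it.
  // refs: https://github.com/lobehub/lobe-chat/pull/1238
  if (token.startsWith(NON_HTTP_PREFIX)) {
    const encodedPayload = token.split('.')[1];

    // Fail with a clear message instead of passing `undefined` or '' to atob.
    if (!encodedPayload) {
      throw new Error('Malformed token: missing payload segment');
    }

    // UNVERIFIED: nothing below proves who produced these claims.
    const decoded: unknown = JSON.parse(atob(encodedPayload));

    // JSON.parse can yield null, a primitive or an array; reject those rather
    // than hand them to callers typed as JWTPayload.
    if (typeof decoded !== 'object' || decoded === null || Array.isArray(decoded)) {
      throw new Error('Malformed token: payload is not a JSON object');
    }

    return decoded as JWTPayload;
  }

  // Derive a 256-bit symmetric key from the configured secret string.
  // NOTE(review): JWT_SECRET_KEY is imported from '@/const/auth'. If it is a
  // constant shipped with the source rather than a per-deployment secret, a
  // valid signature only shows knowledge of a public value. Confirm.
  const encoder = new TextEncoder();
  const secretKey = await crypto.subtle.digest('SHA-256', encoder.encode(JWT_SECRET_KEY));

  const jwkSecretKey = await importJWK(
    { k: Buffer.from(secretKey).toString('base64'), kty: 'oct' },
    'HS256',
  );

  // NOTE(review): consider passing `{ algorithms: ['HS256'] }` so the accepted
  // algorithm is pinned explicitly. Confirm the issuer always signs with HS256.
  const { payload } = await jwtVerify(token, jwkSecretKey);

  return payload as JWTPayload;
};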