initial commit

lib/jwt.ts

@@ -0,0 +1,47 @@
+import jwt from 'jsonwebtoken'
+
+const JWT_SECRET = process.env.JWT_SECRET || 'your-jwt-secret-change-in-production'
+const JWT_REFRESH_SECRET =
+  process.env.JWT_REFRESH_SECRET || 'your-jwt-refresh-secret-change-in-production'
+
+export interface TokenPayload {
+  userId: string
+  email: string
+  role: string
+}
+
+export const generateTokens = (payload: TokenPayload) => {
+  const accessToken = jwt.sign(payload, JWT_SECRET, {
+    expiresIn: '15m', // Short-lived access token
+  })
+
+  const refreshToken = jwt.sign(payload, JWT_REFRESH_SECRET, {
+    expiresIn: '7d', // Long-lived refresh token
+  })
+
+  return { accessToken, refreshToken }
+}
+
+export const verifyAccessToken = (token: string): TokenPayload | null => {
+  try {
+    return jwt.verify(token, JWT_SECRET) as TokenPayload
+  } catch (error) {
+    return null
+  }
+}
+
+export const verifyRefreshToken = (token: string): TokenPayload | null => {
+  try {
+    return jwt.verify(token, JWT_REFRESH_SECRET) as TokenPayload
+  } catch (error) {
+    return null
+  }
+}
+
+export const decodeToken = (token: string): TokenPayload | null => {
+  try {
+    return jwt.decode(token) as TokenPayload
+  } catch (error) {
+    return null
+  }
+}