owltide/generate-keys.mjs

/*
	SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>
	SPDX-License-Identifier: AGPL-3.0-or-later
*/
import webPush from "web-push";

const vapidKeys = webPush.generateVAPIDKeys();
const cookieSecretKey = Buffer.from(
	await crypto.subtle.exportKey(
		"raw",
		await crypto.subtle.generateKey(
			{ name: "HMAC", hash: "SHA-256" }, true, ["sign", "verify"]
		)
	)
).toString("base64url");

console.log(`\
NUXT_PUBLIC_VAPID_PUBLIC_KEY=${vapidKeys.publicKey}
NUXT_VAPID_PRIVATE_KEY=${vapidKeys.privateKey}
NUXT_COOKIE_SECRET_KEY=${cookieSecretKey}
`);
License under AGPL version 3 or later I firmly believe in free software. The application I'm making here have capabilities that I've not seen in any system. It presents itself as an opportunity to collaborate on a tool that serves the people rather than corporations. Whose incentives are to help people rather, not make the most money. And whose terms ensure that these freedoms and incentives cannot be taken back or subverted. I license this software under the AGPL. 2025-06-30 18:58:24 +02:00			`/*`
			`SPDX-FileCopyrightText: © 2025 Hornwitser <code@hornwitser.no>`
			`SPDX-License-Identifier: AGPL-3.0-or-later`
			`*/`
Implement signed cookie helpers Provide a convenient wrapper for setting SHA-256 HMAC signed cookies and retreiving them with the signature validated. The secret key is configured in the NUXT_COOKIE_SECRET_KEY environment variable. 2025-03-06 22:07:51 +01:00			`import webPush from "web-push";`

			`const vapidKeys = webPush.generateVAPIDKeys();`
			`const cookieSecretKey = Buffer.from(`
			`await crypto.subtle.exportKey(`
			`"raw",`
			`await crypto.subtle.generateKey(`
			`{ name: "HMAC", hash: "SHA-256" }, true, ["sign", "verify"]`
			`)`
			`)`
			`).toString("base64url");`

			console.log(`\
			`NUXT_PUBLIC_VAPID_PUBLIC_KEY=${vapidKeys.publicKey}`
			`NUXT_VAPID_PRIVATE_KEY=${vapidKeys.privateKey}`
			`NUXT_COOKIE_SECRET_KEY=${cookieSecretKey}`
			`);