  • Stars: 273
  • Rank 150,780 (Top 3 %)
  • Language: TypeScript
  • License: MIT License
  • Created over 2 years ago
  • Updated over 1 year ago

Repository Details

Module for generating a prefixed API Key

Prefixed API Key (Seam-style)

Example key: mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG

Discussion on Hacker News · Awesome Seam Open-Source

Seam-style API Keys have many advantages:

  • Double-clicking the API key selects the entire API key
  • The alphabet is standard across languages thanks to the base58 RFC and its usage in cryptocurrencies
  • They are shorter than hex and base32 API keys
  • They have prefixes, allowing secret scanning by GitHub
  • They have a hashed component, so the server doesn't need to store the API key (reducing attack surface)
  • They have unhashed short tokens that both the server and the key bearer/customer can use to identify the API key
  • They default to roughly the same number of entropy bits as UUIDv4

The Format

Seam-style api keys look like this:

mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG

Let's break down each component of the API key...

mycompany ..._...  BRTRKFsL ..._...  51FwqftsmMDHHbJAMEXXHCgG
^                  ^                 ^
Prefix             Short Token       Long Token
  • The Prefix is used to identify the company or service creating the API Key. This is very helpful in secret scanning.
  • The Short Token is stored by both the server and the key bearer/customer. It can be used to identify an API key in logs or displayed on a customer's dashboard. A token can be blocklisted by its short token.
  • The Long Token is how we authenticate this key. The long token is never stored on the server; only a hash of it is. When we receive an incoming request, we search our database for short_token and hash(long_token).
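The lookup described above (find the record by short token, then compare hash(long_token)), as an added example rather than the module's own code. It assumes the hash is hex-encoded SHA-256, which is consistent with the 64-character digests shown on this page but is not stated there; `parseKey`, `verifyKey`, `sha256Hex`, the `store` map, its `revoked` flag and the second sample key are hypothetical names and constructed data.

```javascript
const { createHash, timingSafeEqual } = require("crypto");

// Bitcoin-style base58 alphabet: no 0, O, I or l.
const BASE58 = /^[1-9A-HJ-NP-Za-km-z]+$/;

// Assumption: hex-encoded SHA-256 of the long token.
function sha256Hex(longToken) {
  return createHash("sha256").update(longToken).digest("hex");
}

// Split from the right so a prefix that itself contains "_" still parses.
function parseKey(token) {
  if (typeof token !== "string" || token.length > 256) return null;
  const parts = token.split("_");
  if (parts.length < 3) return null;
  const longToken = parts.pop();
  const shortToken = parts.pop();
  const prefix = parts.join("_");
  if (!prefix || !BASE58.test(shortToken) || !BASE58.test(longToken)) return null;
  return { prefix, shortToken, longToken };
}

// `store` is a hypothetical Map: shortToken -> { longTokenHash, revoked }.
// The short token is safe to log; the long token never is.
function verifyKey(token, store, expectedPrefix) {
  const parsed = parseKey(token);
  if (!parsed || parsed.prefix !== expectedPrefix) return { ok: false, reason: "malformed" };
  const { shortToken, longToken } = parsed;
  const record = store.get(shortToken);
  if (!record) return { ok: false, reason: "unknown" };
  if (record.revoked) return { ok: false, reason: "revoked", shortToken };
  const presented = Buffer.from(sha256Hex(longToken), "hex");
  const stored = Buffer.from(record.longTokenHash, "hex");
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  const match = presented.length === stored.length && timingSafeEqual(presented, stored);
  return match ? { ok: true, shortToken } : { ok: false, reason: "bad-secret", shortToken };
}

// Constructed sample records: the page's example key plus a revoked key.
function demoStore() {
  return new Map([
    ["BRTRKFsL", { longTokenHash: sha256Hex("51FwqftsmMDHHbJAMEXXHCgG"), revoked: false }],
    ["9xQeWvG8", { longTokenHash: sha256Hex("3mJr7AoUXx2Wqd4cBnKpLtYz"), revoked: true }],
  ]);
}
```

Only the short token appears in the returned result, so the caller can log or blocklist a key without ever handling the long token outside the hash step.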

Getting Started

import { generateAPIKey } from "prefixed-api-key"

const key = await generateAPIKey({ keyPrefix: 'mycompany' })

// Store the key.longTokenHash and key.shortToken in your database and give
// key.token to your customer.

console.log(key)
/*
{
  shortToken: 'BRTRKFsL',
  longToken: '51FwqftsmMDHHbJAMEXXHCgG',
  longTokenHash: 'd70d981d87b449c107327c2a2afbf00d4b58070d6ba571aac35d7ea3e7c79f37',
  token: 'mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG'
}
*/

Utility Methods

import {
  hashLongToken,
  extractLongToken,
  extractShortToken,
  checkAPIKey,
  getTokenComponents,
} from "prefixed-api-key"

hashLongToken("51FwqftsmMDHHbJAMEXXHCgG")
// "d70d981d87b449c107327c2a2afbf00d4b58070d6ba571aac35d7ea3e7c79f37"

extractLongToken("mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG")
// "51FwqftsmMDHHbJAMEXXHCgG"

extractShortToken("mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG")
// "BRTRKFsL"

getTokenComponents("mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG")
/*
{
  shortToken: 'BRTRKFsL',
  longToken: '51FwqftsmMDHHbJAMEXXHCgG',
  longTokenHash: 'd70d981d87b449c107327c2a2afbf00d4b58070d6ba571aac35d7ea3e7c79f37',
  token: 'mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG'
}
*/

await checkAPIKey(
  "mycompany_BRTRKFsL_51FwqftsmMDHHbJAMEXXHCgG",
  "d70d981d87b449c107327c2a2afbf00d4b58070d6ba571aac35d7ea3e7c79f37"
)
// true
