$security
Updated on Aug 19, 2025 4 minutes to readThe Security Plugin provides methods for encoding, decoding, hashing, signing, verifying, and securely generating strings and tokens.
Methods
Method | Description |
---|---|
fromBase64 | Decodes a Base64-encoded string. |
fromBase64Url | Decodes a Base64 URL-encoded string. |
generatePassword | Generates a random password with optional length. |
generatePasswordHash | Generates a hash of the given password. |
generateRandomString | Generates a cryptographically secure random string. |
hashData | Hashes data using a secret key. |
hmacSHA256 | Generates HMAC-SHA256 hash of data. |
jwtDecodePayload | Decodes the payload of a JSON Web Token (JWT). |
jwtSign | Signs a JWT payload using HMAC SHA256. |
jwtVerify | Verifies a JWT using the given secret and options. |
maskToken | Masks a token for secure display. |
toBase64 | Encodes a string to Base64. |
toBase64Url | Encodes a string to Base64 URL format. |
unmaskToken | Unmasks a previously masked token. |
validateData | Validates data against a given key. |
validatePassword | Validates a password against a stored hash. |
Methods Details
fromBase64()
• Type
(data: string) => string | false
• Details
Expects a Base64 string.
Returns the decoded string or false
if invalid.
fromBase64Url()
• Type
(data: string) => string | false
• Details
Expects a Base64URL string.
Returns the decoded string or false
if invalid.
generatePassword()
• Type
(length?: number) => string
• Details
Expects an optional length (default: 10
).
Returns a randomly generated password.
generateRandomString()
• Type
(length?: number) => string
• Details
Expects an optional length between 1
and 1024
(default: 32
).
Returns a cryptographically secure random string.
hashData()
• Type
(data: string, key: string) => string
• Details
Expects a data string and a key.
Returns the hashed value.
hmacSHA256()
• Type
(data: string, key: string, asBinary?: boolean) => string
• Details
Expects a data string, a key, and optional binary flag.
Returns the HMAC SHA256 hash.
jwtDecodePayload()
• Type
(token: string) => JwtPayload | null
• Details
Expects a JWT string.
Returns the decoded JwtPayload object or null
.
jwtSign()
• Type
(token: string) => JwtPayload | null
• Details
Expects a JWT string.
Returns the decoded JwtPayload object or null
.
jwtVerify()
• Type
(
token: string,
secret: string,
options?: JwtVerificationOptions
) => boolean
• Details
Expects a JWT string, a secret,
and optional JwtVerificationOptions (default: {}
).
Returns true
if the token is valid, false
otherwise.
maskToken()
• Type
(token: string) => string
• Details
Expects a token string.
Returns a masked version for safe logging or display.
toBase64()
• Type
(data: string) => string
• Details
Expects a string.
Returns the Base64-encoded string.
toBase64Url()
• Type
(data: string) => string
• Details
Expects a string.
Returns the Base64URL-encoded string.
unmaskToken()
• Type
(token: string) => string
• Details
Expects a masked token.
Returns the original unmasked token.
validateData()
• Type
(data: string, key: string) => boolean
• Details
Expects a data string and a key.
Returns true
if the data is valid for the given key, otherwise false
.
validatePassword()
• Type
(password: string, hash: string) => boolean
• Details
Expects a password string and a hash string.
Returns true
if the password matches the hash, otherwise false
.