How to safe the CryptoKey for the djwt #80
Description
Im currently implementing a login system in deno using the djwt library (https://deno.land/x/[email protected]).
It wants me to generate a cryptokey like so:
const key = await crypto.subtle.generateKey(
{ name: "HMAC", hash: "SHA-512" },
true,
["sign", "verify"],
);
Problem is, I cant safe that key in my env variables. If I logout the value of the key it looks like that:
CryptoKey {
type: "secret",
extractable: true,
algorithm: { name: "HMAC", hash: { name: "SHA-512" }, length: 1024 },
usages: [ "sign", "verify" ]
}
When generating the jwt, the create function wants to have such a CryptoKey object instead of a string, like back in the days (
const jwt = await create({ alg: "HS512", typ: "JWT" }, payload, key);
).
How can I consistently safe that cryptokey, so it doesnt change on each restart of my deno app?
Because obviously if i want to verify the old sessions i also need the old key again...
Clad for any help I can get!