search

panva / paseto

PASETO (Platform-Agnostic SEcurity TOkens) for Node.js with no dependencies
MIT License
428 stars 26 forks source link

`{}` makes decryption results hard to use #35

Closed kschaefe closed 1 year ago

kschaefe commented 1 year ago

What happened?

With TypeScript strict checking enabled (https://www.typescriptlang.org/tsconfig#strict), decrypt returns a type that causes compilation errors.

TS7053: Element implicitly has an 'any' type because expression of type '"usr"' can't be used to index type '{}'.
         Property 'usr' does not exist on type '{}'.

I would expect that indexed access would work and that the code should compile.

Changing the return from Promise<object> to Promise<Record<PropertyKey, unknown>> would allow indexed access.

Version

v3.1.1

Node.js Version

v16.13.0

Code to reproduce

paseto.V1.decrypt(token, Buffer.from(key)).then(
    (token) => {
        const uuid = token['usr'];
        // ... do stuff
    }
);

Required

kschaefe commented 1 year ago

Per your guidelines, I have filed this to open a discussion before submitting a PR to fix this problem.

If interested the branch with the failing test for the current code and the fixes is https://github.com/CarnegieLearningWeb/paseto/tree/bugfix/correct-object-types.

panva commented 1 year ago

@kschaefe feel free to submit the PR, feedback to be continued in the PR ;)

panva commented 1 year ago

Fixed by #36