neoprint.verifyIntegrityToken()
Decode and verify an integrity token generated by attestDevice.
Signature
ts
function verifyIntegrityToken(token: string): {
valid: boolean
payload: {
fid: string // fingerprint ID
sid: string // stable ID
sc: number // attestation score
fc: number // number of passed factors
ts: number // timestamp
ch: string | null // challenge nonce
} | null
}Example
js
// Server-side (Node.js)
app.post('/api/verify', (req, res) => {
const { token } = req.body
const { valid, payload } = neoprint.verifyIntegrityToken(token)
if (!valid) return res.status(403).json({ error: 'invalid token' })
if (payload.ch !== expectedNonce) return res.status(403).json({ error: 'replay' })
if (Date.now() - payload.ts > 30000) return res.status(403).json({ error: 'expired' })
if (payload.sc < 0.7) return res.status(403).json({ error: 'low trust' })
res.json({ trusted: true, fingerprintId: payload.fid })
})