export function validateSignatureAndDecrypt()

in src/core/utils/auth.ts [83:113]

• 24 lines of code
• 8 McCabe index (conditional complexity)

export function validateSignatureAndDecrypt(data: string): string | undefined {
  try {
    const dataSegments: string[] = data.includes(":") ? data.split(":") : [];

    if (dataSegments.length < 3) {
      return undefined;
    }

    // validate signature
    const signature = dataSegments.shift() || "";
    const signedData = dataSegments.join(":");

    const hash = crypto.createHmac(HMAC_ALGORITHM, process.env.SALT || "");
    hash.update(signedData);
    const testSignature = hash.digest("hex");

    if (signature !== testSignature) {
      return undefined;
    }

    // decrypt
    const iv = Buffer.from(dataSegments.shift() || "", "hex");
    const encryptedText = Buffer.from(dataSegments.join(":"), "hex");
    const decipher = crypto.createDecipheriv(CIPHER_ALGORITHM, Buffer.from(ENCRYPTION_KEY), iv);
    let decrypted = decipher.update(encryptedText);
    decrypted = Buffer.concat([decrypted, decipher.final()]);
    return decrypted.toString();
  } catch {
    return undefined;
  }
}