{"id":14989622,"url":"https://github.com/lagden/koa-jwt-authz","last_synced_at":"2025-04-12T01:40:40.291Z","repository":{"id":35097992,"uuid":"206492560","full_name":"lagden/koa-jwt-authz","owner":"lagden","description":"Validate a JWTs scope to authorize access to an endpoint","archived":false,"fork":false,"pushed_at":"2023-01-24T08:54:18.000Z","size":573,"stargazers_count":5,"open_issues_count":3,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-25T09:51:45.376Z","etag":null,"topics":["auth0","jwt","koa2","middleware","permissions","scope"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lagden.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-09-05T06:37:45.000Z","updated_at":"2022-08-24T20:39:06.000Z","dependencies_parsed_at":"2023-02-13T19:31:32.650Z","dependency_job_id":null,"html_url":"https://github.com/lagden/koa-jwt-authz","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lagden%2Fkoa-jwt-authz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lagden%2Fkoa-jwt-authz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lagden%2Fkoa-jwt-authz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lagden%2Fkoa-jwt-authz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lagden","download_url":"https://codeload.github.com/lagden/koa-jwt-authz/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248070374,"owners_count":21042816,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth0","jwt","koa2","middleware","permissions","scope"],"created_at":"2024-09-24T14:18:39.841Z","updated_at":"2025-04-12T01:40:40.269Z","avatar_url":"https://github.com/lagden.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# koa-jwt-authz\n\n[![NPM version][npm-img]][npm]\n[![Build Status][ci-img]][ci]\n[![Coverage Status][coveralls-img]][coveralls]\n\n[npm-img]:         https://img.shields.io/npm/v/@tadashi/koa-jwt-authz.svg\n[npm]:             https://www.npmjs.com/package/@tadashi/koa-jwt-authz\n[ci-img]:          https://github.com/lagden/koa-jwt-authz/actions/workflows/nodejs.yml/badge.svg\n[ci]:              https://github.com/lagden/koa-jwt-authz/actions/workflows/nodejs.yml\n[coveralls-img]:   https://coveralls.io/repos/github/lagden/koa-jwt-authz/badge.svg?branch=master\n[coveralls]:       https://coveralls.io/github/lagden/koa-jwt-authz?branch=master\n\n\nValidate a JWTs `scope` to authorize access to an endpoint.\n\n## Install\n\n```\n$ npm i -S @tadashi/koa-jwt-authz\n```\n\n\u003e `koa \u003e=2` is a peer dependency. Make sure it is installed in your project.\n\n\n## Usage\n\nUse together with [koa-jwt](https://github.com/koajs/jwt) to both validate a JWT and make sure it has the correct permissions to call an endpoint.\n\n```js\nimport jwtAuthz from '@tadashi/koa-jwt-authz'\nimport jwt from 'koa-jwt'\nimport Koa from 'koa'\nimport Router from '@koa/router'\n\nconst app = new Koa()\nconst router = new Router()\n\nrouter.get('/', ctx =\u003e {\n  ctx.body = {home: 'free'}\n})\n\nrouter.get('/me',\n  jwt({secret: 'shared_secret'}),\n  jwtAuthz(['read:users']),\n  ctx =\u003e {\n    ctx.body = ctx.state.user\n  }\n)\n\napp.use(router.middleware())\napp.listen(process.env.PORT ?? 3000)\n```\n\n---\n\nThe JWT must have a `scope` claim and it must either be a string of space-separated permissions or an array of strings. For example:\n\n```\n# String: \"write:users read:users\"\n\n# Array: [\"write:users\", \"read:users\"]\n```\n\n\n## API\n\n\n#### jwtAuthz(expectedScopes \\[, options\\])\n\nparameter      | type                 | required    | default               | description\n-----------    | -------------------- | ----------- | -------------------   | ------------\nexpectedScopes | Array                | yes         | -                     | List of permissions\noptions        | Object               | no          | [see below](#options) | Options\n\n\n#### options\n\nparameter      | type                 | required    | default             | description\n-----------    | -------------------- | ----------- | ------------------- | ------------\ncheckAllScopes | Boolean              | no          | false               | When true, all the expected scopes will be checked against the user's scopes\ncustomScopeKey | String               | no          | scope               | The property name to check for the scope\n\n\n## Author\n\n[\u003cimg src=\"https://avatars.githubusercontent.com/u/130963?s=390\" alt=\"Thiago Lagden\" width=\"100\"\u003e](https://github.com/lagden)\n\n\n## License\n\nMIT © [Thiago Lagden](https://github.com/lagden)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flagden%2Fkoa-jwt-authz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flagden%2Fkoa-jwt-authz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flagden%2Fkoa-jwt-authz/lists"}