Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/justinsisley/tokenpress
A JWT utility belt for JavaScript applications
https://github.com/justinsisley/tokenpress
authentication javascript jwt nodejs
Last synced: about 1 month ago
JSON representation
A JWT utility belt for JavaScript applications
- Host: GitHub
- URL: https://github.com/justinsisley/tokenpress
- Owner: justinsisley
- License: mit
- Created: 2017-04-08T05:00:48.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2020-01-04T04:43:30.000Z (almost 5 years ago)
- Last Synced: 2024-10-05T11:46:08.130Z (3 months ago)
- Topics: authentication, javascript, jwt, nodejs
- Language: JavaScript
- Homepage:
- Size: 32.2 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
tokenpress
A JWT utility belt for JavaScript applications---
# Table of Contents
- [Features](#features)
- [Documentation](#documentation)
- [Installation](#installation)
- [Node.js](#nodejs)
- [Browser](#browser)
- [Contributing](#contributing)
- [Linting](#linting)
- [Testing](#testing)
- [Releases](https://github.com/justinsisley/tokenpress/blob/master/CHANGELOG.md)
- [Credits](#credits)# Features
- __Convenient, universal utilities for handling JWTs__
- __JWTs generated by [node-jsonwebtoken](https://github.com/auth0/node-jsonwebtoken)__
- __Runs on Node.js v8+__# Documentation
## Installation
```bash
npm install tokenpress
```## Node.js
Configure tokenpress before using it:
```javascript
const tokenpress = require('tokenpress');tokenpress.configure({
// Required: string or buffer containing the secret for HMAC algorithms
secret: 'CHANGE_THIS_SECRET',
// Required: string describing a time span zeit/ms. Eg: 60, "2 days", "10h", "7d"
expiresIn: '30 days',
// Optional: Minimum and maximum token lengths for getURLSafeToken utility
minTokenLength: 30,
maxTokenLength: 50,
});
```Sign a token:
```javascript
const tokenpress = require('tokenpress');const token = tokenpress.jwt.sign({
username: 'clever_username_ftw',
role: 'USER',
});
```Verify a token using JWKS:
```javascript
const tokenpress = require('tokenpress');tokenpress.configure({
algorithms: ['RS256'],
audience: 'my audience',
issuer: `https://my-app.com/`,
jwksUri: `https://my-app.com/jwks.json`,
});const someToken = 'blah.blah.blah';
tokenpress.jwt.verifyWithJWKS(someToken).then((decodedJWT) => {
console.log(decodedJWT)
});
```Use tokenpress middleware to require authentication for a route:
```javascript
const tokenpress = require('tokenpress');
const { requireAuth } = tokenpress.middleware;router.get('/user/account', requireAuth, (req, res) => {
// req.jwt contains the decoded JWT
const { username, role } = req.jwt;res.json({ username, role });
});
```> Note: If the authentication check fails, a 401 (unauthorized) response will be sent as JSON. The response will contain an `error` property that will equal either `EXPIRED_TOKEN` or `INVALID_TOKEN`. `INVALID_TOKEN` can be caused by any of the conditions listed in the [jsonwebtoken docs](https://github.com/auth0/node-jsonwebtoken#jsonwebtokenerror).
Generate a random, variable-length, hexadecimal string using the crypto.randomBytes function. The minumum length defaults to 30, and the maximum length defaults to 50.
```javascript
const tokenpress = require('tokenpress');const randomToken = tokenpress.utils.getURLSafeToken();
```## Browser
Optionally configure whether to use sessionStorage as opposed to localStorage for storing tokens on the client. By default, localStorage will be used.
```javascript
import tokenpress from 'tokenpress/browser';tokenpress.configure({
useSessionStorage: true,
});
```Optionally configure the key used when saving to localStorage or sessionStorage. Defaults to `token`.
```javascript
import tokenpress from 'tokenpress/browser';tokenpress.configure({
storageKey: 'custom-token-name',
});
```Save a token to localStorage/sessionStorage:
```javascript
import tokenpress from 'tokenpress/browser';mockFunctionToGetTokenFromServer().then((token) => {
tokenpress.save(token)
});
```Retrieve a token from localStorage/sessionStorage:
```javascript
import tokenpress from 'tokenpress/browser';const token = tokenpress.get();
```Delete a token from localStorage/sessionStorage:
```javascript
import tokenpress from 'tokenpress/browser';tokenpress.delete();
```Determine if a token is expired:
```javascript
import tokenpress from 'tokenpress/browser';// Will fetch token from localStorage/sessionStorage by default
const isTokenExpired = tokenpress.isExpired();
console.log(isTokenExpired); // true or false// Or, check a token you've previously retrieved
const token = tokenpress.get();
const isMyOtherTokenExpired = tokenpress.isExpired(token);
console.log(isMyOtherTokenExpired); // true or false
```# Contributing
## Linting
Run ESLint with `npm run lint`.
## Testing
Run unit tests with `npm test`.
# Credits