Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/pnxtech/jwt-simple-auth


https://github.com/pnxtech/jwt-simple-auth

Last synced: 9 months ago
JSON representation

Awesome Lists containing this project

README 

          
# jwt-simple-auth



[![npm version](https://badge.fury.io/js/jwt-simple-auth.svg)](https://badge.fury.io/js/jwt-simple-auth) NPM downloads [![npm](https://img.shields.io/npm/l/jwt-simple-auth.svg)]()



[JSON Web Token](https://en.wikipedia.org/wiki/JSON_Web_Token) Authentication.



### Using jwt-simple-auth

`jwt-simple-auth` is intended for use by servers / services and relies on external RSA digital certificates in order to carry out its operations.

Use the supplied `keygen.sh` script if you need to create a public/private key pair.



Some services might use a private certificate to create a JSON Web Token, while another service might just use the public certificate to validate the authenticity of a token.



jwt-simple-auth works with two types of tokens: an access token and a refresh token. Access tokens are short lived (one hour by default) and will expire upon that time. You may use a refresh token to obtain a fresh new access token. The refresh token will also expire (one week by default) and at that point you'll need to create a new refresh token. In systems where users sign-in requesting a new refresh token requires entering valid credentials.



Load jwt-simple-auth as you would normally and load the private and public certificates.  You can replace the loadCerts parameters with `null` if you only need to load a private or public certificate.



```javascript

const jwtAuth = require('jwt-simple-auth');

jwtAuth.loadCerts('./server.pem', './server.pub');

```



Overriding default options:



The jwt-auth init member can be used to override default values. At this time there's only two default values: `accessTokenExpirationInSeconds` which as a default set to 3600 seconds or one hour and `refreshTokenExpirationInSeconds` which defaults to 2419200 or four weeks.



To set an access token expiration to only 10 seconds and a refresh token expiration to 60 seconds:



```javascript

jwtAuth.init({

  accessTokenExpirationInSeconds: 10,

  refreshTokenExpirationInSeconds: 60

});

```



To create a JWT token:



```javascript

const payload = {

  userID: 34,

  admin: true

};

jwtAuth.createToken(payload, 'access')

  .then((token) => {

    // token is now ready for use.

  });

```



To verify a JWT token:



```javascript

jwtAuth.verifyToken(token, 'access')

  .then((response) => {

    // if valid, the response is decoded JWT payload, see verify token response below.

  });

```



Verify token response

```javascript

{

  "userID": 34,

  "admin": true,

  "iss": "urn:auth",

  "jti": "2fd6th6tqfz101",

  "exp": 1466614755,

  "iat": 1466614754

}

```



To refresh a valid token:



```javascript

jwtAuth.refreshToken(token)

  .then((newToken) => {

    // if original token was valid then a newToken is returned.

  });

```



To retrieve a hash of an existing token:



```javascript

let hash = jwtAuth.getTokenHash(token);

```



This is useful when implementing a token management scheme.



### Creating private and public certificates

You can use the supplied `keygen.sh` script to create certificates for use with jwt-auth.



```shell

$ ./keygen.sh

```



### Tests

This project includes mocha/chai tests.  Make sure you have mocha installed globally.



```shell

$ npm install mocha -g

```



Then run:



```shell

$ npm test

```