https://github.com/rangle/express-jwt-jwks

Simple JWT auth using JWKS key sets for Express. Wraps express-jwt and jwks-rsa. AWS Cognito compatible.
https://github.com/rangle/express-jwt-jwks

Last synced: about 1 year ago
JSON representation

Simple JWT auth using JWKS key sets for Express. Wraps express-jwt and jwks-rsa. AWS Cognito compatible.

• Host: GitHub
• URL: https://github.com/rangle/express-jwt-jwks
• Owner: rangle
• License: mit
• Created: 2019-01-28T02:08:05.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2024-04-13T16:48:07.000Z (about 2 years ago)
• Last Synced: 2025-03-24T14:12:57.678Z (about 1 year ago)
• Language: JavaScript
• Size: 83 KB
• Stars: 4
• Watchers: 3
• Forks: 1
• Open Issues: 8
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# express-jwt-jwks

Simple JWT auth using JWKS key sets for Express.  Wraps express-jwt and jwks-rsa.  AWS Cognito compatible.

Calls to JWKS are cached, and JWKS entries are associated to a JWT through the "kid" parameter in the JWT header.  Calls through the cache to the remote JWKS are rate limited to 5 req/min.

## Install

    $ npm install express-jwt-jwks

## Usage

The JWT authentication middleware authenticates callers using a JWT.

If the token is valid, `req.user` will be set with the JSON object decoded

to be used by later middleware for authorization and access control.

```javascript

// Obtain JWT auth middleware, using a remote JWKS key set

var SECURE = require('express-jwt-jwks')({

    jwks : "https://....../.well-known/jwks.json"

});

// Express routes, the first is JWT secured, the second is open.

router.get('/restricted', SECURE, (_, res) => {

  res.send("Super secret data")

})

router.get('/open', (_, res) => {

  res.send("Anyone is allowed to see this")

})

```