Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/tsndr/cloudflare-worker-jwt
A lightweight JWT implementation with ZERO dependencies for Cloudflare Workers.
https://github.com/tsndr/cloudflare-worker-jwt
cloudflare-worker cloudflare-workers esm esmodules jsonwebtoken jwt lightweight npm npm-package ts typescript zero-dependencies zero-dependency
Last synced: about 16 hours ago
JSON representation
A lightweight JWT implementation with ZERO dependencies for Cloudflare Workers.
- Host: GitHub
- URL: https://github.com/tsndr/cloudflare-worker-jwt
- Owner: tsndr
- License: mit
- Created: 2021-02-04T10:35:25.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-07-24T05:13:26.000Z (2 months ago)
- Last Synced: 2024-09-16T06:50:46.138Z (9 days ago)
- Topics: cloudflare-worker, cloudflare-workers, esm, esmodules, jsonwebtoken, jwt, lightweight, npm, npm-package, ts, typescript, zero-dependencies, zero-dependency
- Language: TypeScript
- Homepage:
- Size: 368 KB
- Stars: 650
- Watchers: 7
- Forks: 52
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# Cloudflare Worker JWT
A lightweight JWT implementation with ZERO dependencies for Cloudflare Workers.
## Contents
- [Install](#install)
- [Examples](#examples)
- [Usage](#usage)
- [Sign](#sign)
- [Verify](#verify)
- [Decode](#decode)## Install
```
npm i @tsndr/cloudflare-worker-jwt
```## Examples
### Basic Example
```typescript
async () => {
import jwt from '@tsndr/cloudflare-worker-jwt'// Creating a token
const token = await jwt.sign({ name: 'John Doe', email: '[email protected]' }, 'secret')// Verifing token
const isValid = await jwt.verify(token, 'secret')// Check for validity
if (!isValid)
return// Decoding token
const { payload } = jwt.decode(token)
}
```### Restrict Timeframe
```typescript
async () => {
import jwt from '@tsndr/cloudflare-worker-jwt'// Creating a token
const token = await jwt.sign({
name: 'John Doe',
email: '[email protected]',
nbf: Math.floor(Date.now() / 1000) + (60 * 60), // Not before: Now + 1h
exp: Math.floor(Date.now() / 1000) + (2 * (60 * 60)) // Expires: Now + 2h
}, 'secret')// Verifing token
const isValid = await jwt.verify(token, 'secret') // false// Check for validity
if (!isValid)
return// Decoding token
const { payload } = jwt.decode(token) // { name: 'John Doe', email: '[email protected]', ... }
}
```## Usage
- [Sign](#sign)
- [Verify](#verify)
- [Decode](#decode)
### Sign
#### `jwt.sign(payload, secret, [options])`Signs a payload and returns the token.
#### Arguments
Argument | Type | Status | Default | Description
------------------------ | ------------------ | -------- | ----------- | -----------
`payload` | `object` | required | - | The payload object. To use `nbf` (Not Before) and/or `exp` (Expiration Time) add `nbf` and/or `exp` to the payload.
`secret` | `string`, `JsonWebKey`, `CryptoKey` | required | - | A string which is used to sign the payload.
`options` | `string`, `object` | optional | `HS256` | Either the `algorithm` string or an object.
`options.algorithm` | `string` | optional | `HS256` | See [Available Algorithms](#available-algorithms)
`options.keyid` | `string` | optional | `undefined` | The `keyid` or `kid` to be set in the header of the resulting JWT.#### `return`
Returns token as a `string`.
### Verify
#### `jwt.verify(token, secret, [options])`Verifies the integrity of the token and returns a boolean value.
Argument | Type | Status | Default | Description
------------------------ | ------------------ | -------- | ------- | -----------
`token` | `string` | required | - | The token string generated by `jwt.sign()`.
`secret` | `string`, `JsonWebKey`, `CryptoKey` | required | - | The string which was used to sign the payload.
`options` | `string`, `object` | optional | `HS256` | Either the `algorithm` string or an object.
`options.algorithm` | `string` | optional | `HS256` | See [Available Algorithms](#available-algorithms)
`options.clockTolerance` | `number` | optional | `0` | Clock tolerance in seconds, to help with slighly out of sync systems.
`options.throwError` | `boolean` | optional | `false` | By default this we will only throw implementation errors, only set this to `true` if you want verification errors to be thrown as well.#### `throws`
If `options.throwError` is `true` and the token is invalid, an error will be thrown.#### `return`
Returns `true` if signature, `nbf` (if set) and `exp` (if set) are valid, otherwise returns `false`.
### Decode
#### `jwt.decode(token)`Returns the payload **without** verifying the integrity of the token. Please use `jwt.verify()` first to keep your application secure!
Argument | Type | Status | Default | Description
----------- | -------- | -------- | ------- | -----------
`token` | `string` | required | - | The token string generated by `jwt.sign()`.#### `return`
Returns an `object` containing `header` and `payload`:
```javascript
{
header: {
alg: 'HS256',
typ: 'JWT'
},
payload: {
name: 'John Doe',
email: '[email protected]'
}
}
```### Available Algorithms
- ES256
- ES384
- ES512
- HS256
- HS384
- HS512
- RS256
- RS384
- RS512