Package Exports
- @forrestjs/service-jwt
- @forrestjs/service-jwt/src/index.js
- @forrestjs/service-jwt/test/globals
- @forrestjs/service-jwt/test/globals.js
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@forrestjs/service-jwt) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
@forrestjs/service-jwt
ForrestJS service which helps handling jwt activities. More or less it provides
a Promise wrapped jsonwebtoken module.
Usage
service-jwt decorates the App's Context with a jwt.sign() and jwt.verify() helpers:
registerAction({
target: 'myHook',
handler: async (args, ctx) => {
const token = await ctx.jwt.sign({ foo: 123 });
console.log(token);
const data = await ctx.jwt.verify(token);
console.log(data);
},
});After the App initializes, you can simply import the helpers and use it straight:
const { sign, verify } = require('@forrestjs/service-jwt');
const token = await sign({ foo: 123 });
const isValid = await verify(token);Configuration
Environment
NOTE: it is important to list service-jwt AFTER service-env so that any kind of environment
configuration is available to be used.
JWT_SECRET=xxx
JWT_DURATION=1yConfig
registerAction({
target: '$SETTINGS',
handler: ({ setConfig }) => {
setConfig('jwt.secret', 'your-safe-secret');
setConfig('jwt.duration', '1y');
},
});Methods
sign(payload, [ settings{}, customSecret ])
settings can use whatever you would pass to jsonwebtoken. The property
expiresIn is defaulted to the global duration setting.
customSecret is defaulted to the global secret setting.
verify(token, [ customSecret ])
customSecret is defaulted to the global secret setting.
It resolves with the token's decoded content or throws an error in case it it not valid.