@tinyhttp/jwt

JWT middleware for HTTP servers.

Install

pnpm i @tinyhttp/jwt

API

import { jwt } from '@tinyhttp/jwt'

Options

jwt(options)

• secret: can be an array of strings (in case you are using private / public key encryption), or just a string if you are using basic HMAC signing (see the examples below)
• algorithm? ("HS256"): the algorithm used to sign and verify the token
• audience?: the expected "audience" of the jwt token
• issuer?: who issued this token
• expiresIn?: expiration time of the token (ex: 1d for 1 day)
• notBefore?: not before date of the token (ex: 20m for 20 minutes)
• requestHeaderName? ("Authorization"): the name of the header contaning the Bearer token
• responseHeaderName? ("X-Token"): the name of the response header containing the new signed token that will be used later on
• getToken(string)?: string: the method used for ex

Example

Basic secret

import { App } from '@tinyhttp/app'
import { jwt } from '@tinyhttp/jwt'

const app = new App()

app.use(jwt({ secret: 'very secret string', algorithm: 'HS256' }))
app.get('/', (req, res) => {
  res.send('Data inside the payload: ' + req['user'])
})

app.listen(8080)

Private / Public key

import { App } from '@tinyhttp/app'
import { jwt } from '@tinyhttp/jwt'

const app = new App()

app.use(jwt({ secret: ['PRIVATE KEY HERE', 'PUBLIC KEY HERE'], algorithm: 'RS256' }))
app.get('/', (req, res) => {
  res.send('Data inside the payload: ' + req['user'])
})

app.listen(8080)

License

MIT © BRA1L0R