npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

easy-jwt

v0.2.2

Published

Simple boilerplate implementation for JWT authorisation

Downloads

5

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

_gav_gav

Keywords

Readme

easy-jwt

A dead easy implementation of JWT as authentication.

Simple usage

// initialise EasyJWT with some definitions
const easyAuth = new EasyJWT({
  secret: 'my-application-secret'
  accessToken: { expiresIn: 60 * 60 * 24 },     // expires in a day
  refreshToken: { expiresIn: 60 * 60 * 24 * 7 } // expires in a week
})

// create token for a user
const {accessToken, expiresIn, refreshToken} = easyAuth.createTokens(
  currentUser.id,                       // this is the 'subject' of our JWT
  { employeeLevels: ['administrator'] } // these are any arbitrary custom claims
)

// this token can then later be verified like
const tokenPayload = await easyAuth.verifyJwt( accessToken )
tokenPayload.employeeLevel // ['administrator']

// or refreshed like so
const newAccessToken = easyAuth.refreshJwt( refreshToken )

// the custom claims are automatically copied across
newAccessToken.employeeLevel // ['administrator']

Advanced usage

We can add additional validation steps like so.

The custom function should return true if the token is valid

// any access tokens should have claim employeeLevel array containing 'administrator'
easyAuth.accessTokenValidation((jwt, payload) => {
  return payload.employeeLevel.includes('administrator')
})

// refresh tokens should *not* be revoked
easyAuth.refreshTokenValidation((jwt, payload) => {
  return RevokedTokensTable.where('token', '=', jwt).count() < 1
})

If we tell EasyJWT what the subject refers to, we can even use the tokens directly to return your models

type ReturnsUser = Promise<User | undefined>

easyAuth.getsModel<ReturnsUser>(async (jwt, payload) => {
  return await UserTable.where('id', '=', payload.sub ).first() ?? undefined
})

const authorisedUser = await easyAuth.getModel<ReturnsUser>( accessToken )

Errors

Custom errors that may be thrown include:

EasyJWTValidationError

When custom validation checks fail

EasyJWTTypeError

When a refresh attempt is made on a token of type other than refresh_token

EasyJWTSubjectError

When a token is missing a subject

EasyJWTGetModelError

When at attempt is made to use getModel before the retrieval function has been defined

All base jsonwebtoken errors

see project readme