jwt-auth-utility
v1.0.6
Published
**jwt-auth-utility** is a lightweight and easy-to-use utility package for handling JSON Web Tokens (JWT) in Node.js applications. It simplifies the process of generating, signing, verifying, and refreshing access and refresh tokens, making it ideal for im
Downloads
368
Maintainers
Readme
jwt-auth-utility
jwt-auth-utility is a lightweight and easy-to-use utility package for handling JSON Web Tokens (JWT) in Node.js applications. It simplifies the process of generating, signing, verifying, and refreshing access and refresh tokens, making it ideal for implementing JWT-based authentication in your project.
Features
- Access & Refresh Tokens: Easily generate and manage access and refresh tokens.
- Custom Token Lifespan: Configure expiration times for access and refresh tokens.
- Token Verification: Verify the authenticity of access and refresh tokens.
- Token Decoding: Decode JWTs without verification for quick access to payload data.
- Refresh Tokens: Generate new access tokens using refresh tokens.
Table of Contents
Installation
Install the package via npm:
npm install jwtauthutil
Usage
Basic Setup
To start using jwtauthutil, first import and initialize the JWT utility by providing your secrets:
import JWT from 'jwtauthutil';
const jwtUtil = new JWT('your_access_secret', 'your_refresh_secret', {
accessTokenLife: '1d', // Optional, defaults to '1d'
refreshTokenLife: '7d' // Optional, defaults to '7d'
});
Generating Tokens
You can generate both access and refresh tokens by passing a payload:
const payload= {
userId: 123,
email: "[email protected]",
role: "admin"
}
const { accessToken, refreshToken } = jwtUtil.generateTokens(payload);
Verifying Tokens
To verify an access token:
const decodedAccessToken = jwtUtil.verifyAccessToken(accessToken);
To verify a refresh token:
const decodedRefreshToken = jwtUtil.verifyRefreshToken(refreshToken);
Refreshing Access Tokens
To generate a new access token using a refresh token:
const newAccessToken = jwtUtil.refreshAccessToken(refreshToken);
Decoding Tokens
You can decode tokens without verifying their validity:
const payload = jwtUtil.decodeToken(accessToken);