jwtlib
v0.1.2
Published
JSON Web Token implementation (symmetric and asymmetric)
Downloads
1
Readme
Installation
$ npm install jwtlib
Usage
jwt.sign(payload, secretOrPrivateKey, [options, callback])
Import in node.js file
const jwt = require('jwtlib')
//or
import jwt from ('jwtlib')
---must specify the algorithm as 'HS256' for Symmetric and 'RS256' or 'ES256' for asymmetric in options.
jwt.sign(payload, secretOrPrivateKey, {options}) secretOrPrivateKey is a string (utf-8 encoded), buffer, object, or KeyObject containing either the secret for HMAC algorithms or the PEM encoded private key for RSA and ECDSA. In case of a private key with passphrase an object { key, passphrase } can be used (based on crypto documentation), in this case be sure you pass the algorithm. When signing with RSA algorithms the minimum modulus length is 2048 except when the allowInsecureKeySizes option is set to true. Private keys below this size will be rejected with an error.
Sign with (HMAC SHA256)
const jwt = require('jwtlib');
var token = jwt.sign({name: 'suman' }, 'secret',{ expiresIn : '15m',algorithm:'HS256'});
sign with RSA SHA256
const jwt = require('jwtlib');
var privateKey = fs.readFileSync('private.key');// get private key should be pem file
var token = jwt.sign({ name: 'suman' }, privateKey, { expiresIn : '15m',algorithm:'RS256'});
sign with ES256
const jwt = require('jwtlib');
var privateKey = fs.readFileSync('private.key');// get private key should be pem file
var token = jwt.sign({ name: 'suman' }, privateKey, { expiresIn : '15m',algorithm:'ES256'});
verify a token symmetric
jwt.verify(token, 'secret',function(err, decoded) {
console.log(decoded.name) // suman
});
verify a token asymmetric
var publickey = fs.readFileSync('public.key'); // get public key should be pem file
jwt.verify(token, publickey,function(err, decoded) {
console.log(decoded.name) // suman
});