@byu-oit-sdk/express-jwt
v0.1.2
Published
Express plugin for verifying JWTs in express server requests
Downloads
629
Readme
@byu-oit-sdk/jwt-express
Requirements:
- Node.js 18+
- npm v9+
Installing
npm install @byu-oit-sdk/jwt-express
Introduction
This express plugin allows for verification and decoding of JWTs.
Options
Along with the options for the CreateJwt() function (see docs for jwt package), the following options can be passed in when registering the plugin with fastify.
| Option | Type | Default | Description | |-------------------|---------------------------------------------|---------|--------------------------------------------------------------------------------------------------------------------| | prefix | string | - | Used to specify what route the middleware is registered with. | | transformer | JwtPayloadTransformer<Payload, Transformer> | - | The function that you will use for manipulating the JWT you are authenticating. | | getJwt | function | - | A function for getting the JWT from the request. By default, the JWT is pulled from the auth header. | | validate | boolean | - | Boolean used to signify if we want to validate the jwt if true, or just decode it if false. |
Usage
import express from 'express'
import request from 'supertest'
import { verifyJwtPlugin } from '../src/express.js'
import { Type } from '@sinclair/typebox'
// set up express server
const app = express()
// use the transformer
const transformer = (payload: { 'http://byu.edu/claims/client_preferred_first_name': string }): { preferred_first_name: string } => ({ preferred_first_name: payload['http://byu.edu/claims/client_preferred_first_name'] })
try {
app.use(verifyJwtPlugin({ schema: Type.Object({ }, { additionalProperties: true }), key: '', validate: false, transformer }))
} catch (e) {
console.log(e)
}
// define an endpoint
app.get('/', (req, res) => {
res.send(req.caller)
})
const server = app.listen(3000)
const response = await request(server).get('/').set('Authorization', /* A valid token */).send({ })
console.log(response)
server.close()