npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

authorize-decorator

v1.0.7

Published

Authorize decorator and methods for JWT validation package

Downloads

15

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

ilichmoralesilichmorales

Keywords

authorizevalidjwtapibearertokendecorator

Readme

authorize-decorator

Validating JWT and implement your express API easily with decorators

Authorize decorator is a npm package for NodeJs to be used with express Web API server and let you use the decorator and validate the request using its default function for validation.

Features

  • Use the @Authorize decorator as C# / Java annotation.
  • Implement with express function as pre evaluating method.
  • Store the JWT (default) on server request.
  • New implementation of Request interface from express and with 'userData' property with the payload

authorize-decorator is a lightweight decorator and method to implement JWT easily.

Tech

authorize-decorator uses a number of open source projects to work properly:

  • node.js - as default application (^14.15.4)
  • jsonwebtoken - jsonwebtoken for validation of the header's Authorization Bearer token (^8.5.1)
  • Express - fast node.js network app framework (^4.18.2)
  • reflect-metadata - Reflect metadata to allow Decorators (^0.1.13)
  • ts-node - Ts-node and ts-node-dev (because it's on TypeScript) (^10.9.1)

You can download the public repository here on GitHub.

Usage

Authorize-decorator requires node.js v14+ to run and is implemented using TypeScript and a Controller file implementing its router function.

Controller UserController.ts

//UserController.ts
import { Request, Response } from 'express';
import { Authorize, AuthRequest } from 'authorize-decorator';

class UserController {
   PublicEndpoint(req: Request, res: Response) {
      //do some task...
      console.log('basic example without authorize decorator');
      res.send({ message: 'Public endpoint was consummed', code: 200 });
   }

   @Authorize()
   PrivateEndpoint(req: AuthRequest, res: Response) {
      //do some task...
      console.log('Private endpoint with private decorator');
      console.log(req.userData);//console.log user data from JWT info
      res.send({ message: 'Private endpoint was consummed', code: 200 });
   }
}

export const PublicEndpoint = new UserController().PublicEndpoint;
export const PrivateEndpoint = new UserController().PrivateEndpoint;

Main index.ts

//index.ts
import * as http from 'http';
import { Request, Response, NextFunction } from 'express';
const express = require('express');
const { JwtValidation } = require('authorize-decorator');
import { PublicEndpoint, PrivateEndpoint } from './UserController';

const app = express();

app.get('/basic', PublicEndpoint);

const signInKey = 'a940532f-c7e9-68a2-0b8d-7c97da19a21c';//example sign-in key for JWT
app.get('/auth', (req: Request, res: Response, next: NextFunction) => JwtValidation(signInKey, req, res, next), 
PrivateEndpoint);

const server = http.createServer(app);

const PORT = process.env.NODE_EXPRESS_PORT || 3000;
server.listen(PORT, () => {
  console.log(`Server listening on address http://localhost:${PORT}`);
});

Development

Want to contribute? Great!

Authorize decorator uses Typescript for fast development.

Package exports

  • Authorize: Method decorator to use on protected endpoint methods of a class as @Authorize()

  • JwtValidation: Function that validates the JWT sent or rejects the request if the token is invalid or it is absent. This is used on the declaration of the definition of the app.( get | post | delete | put ) method as second parameter (check index.ts:13). It accepts 4 parameters:

    • signInKey : string => The key that was used to generate the token, could be as a good practices store on .env file and/or encrypt the string for security purposes.

    • req : Request => The express request property

    • res : Response => The express response property

    • next : NextFunction => The express next function that gives the chance to use next implementation (I.e. PrivateEndpoint).

  • AuthRequest: The authorized request property inherits from Request of express with the aditional property of the payload transformed into the 'userData' prop. This is meant to be used into @Authorized methods.

    • userData: Property with the data of the payload transformed in JSON. Some properties of userData might be unique_name, role, iss (issuer of jwt), exp (expiration), email, aud (audience).

Test

To test te package from the source package, use npm test or npm run test:watch

npm test

License

MIT

This implementation is free everywhere and forever

Contact developers

Collaboration: