npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

jwtmoshiur

v1.1.3

Published

JWT auto-setup package with token generation and verification

Downloads

1,171

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

moshiurrahmandeapmoshiurrahmandeap

Keywords

jwtmoshiurjwtauthenticationtokensecurity

Readme

JWT Moshiur

Video Tutorial

Video

JWT Moshiur

JWT Moshiur is a zero-configuration npm package for quickly adding JWT token generation and verification to Node.js applications. It creates the necessary project files automatically and keeps integration simple.

npm version license

Overview

JWT Moshiur simplifies JWT integration by generating a .env file and utility scripts during installation. The package supports both JavaScript and TypeScript projects, so you can begin issuing and validating tokens with minimal setup.

Installation

npm install jwtmoshiur

Once installation completes, run the setup command to generate configuration and utility files:

npx jwtmoshiur

After this command, your project will contain:

  • .env with JWT configuration
  • utils/generateToken.js or utils/generateToken.ts
  • utils/verifyToken.js or utils/verifyToken.ts

Quick Start

Generate a Token

const { generateToken } = require('./utils/generateToken');

const token = generateToken({
  userId: '12345',
  email: '[email protected]',
  role: 'admin'
});

console.log(token);

Verify a Token

const { verifyToken } = require('./utils/verifyToken');

try {
  const decoded = verifyToken(token);
  console.log(decoded);
} catch (error) {
  console.error('Token is invalid or expired');
}

Usage Examples

Express.js Authentication Middleware

const express = require('express');
const { verifyToken } = require('./utils/verifyToken');
const { generateToken } = require('./utils/generateToken');

const app = express();

const authMiddleware = (req, res, next) => {
  const authorization = req.headers.authorization;
  const token = authorization ? authorization.split(' ')[1] : null;

  if (!token) {
    return res.status(401).json({ error: 'No token provided' });
  }

  try {
    req.user = verifyToken(token);
    next();
  } catch (err) {
    return res.status(401).json({ error: 'Invalid token' });
  }
};

app.post('/login', (req, res) => {
  const user = { id: 1, email: '[email protected]' };
  const token = generateToken(user);
  res.json({ token });
});

app.get('/profile', authMiddleware, (req, res) => {
  res.json({ user: req.user });
});

app.listen(3000, () => console.log('Server running on port 3000'));

Simple Async/Await Example

const { generateToken, verifyToken } = require('./utils');

async function authenticateUser(credentials) {
  const token = generateToken({
    userId: credentials.id,
    email: credentials.email,
    timestamp: Date.now()
  });

  const payload = verifyToken(token);
  console.log('Authenticated user:', payload.email);
  return payload;
}

Custom Token Expiry

const { generateToken } = require('./utils/generateToken');

const token = generateToken({ userId: '123' });

Token expiry is controlled by JWT_EXPIRY in .env.

Configuration

Update your .env file to customize JWT settings:

# JWT Moshiur Configuration
JWT_SECRET=your-super-secret-key-change-this-in-production
JWT_EXPIRY=24h

Environment Variables

| Variable | Default | Description | |----------|---------|-------------| | JWT_SECRET | Generated | Secret used to sign tokens | | JWT_EXPIRY | 24h | Token expiry period |

Use a strong, unique secret in production.

API Reference

generateToken(payload: object): string

Generates a signed JWT token.

Example:

const token = generateToken({
  userId: '123',
  email: '[email protected]',
  role: 'user'
});

verifyToken(token: string): object

Verifies a JWT token and returns the decoded payload.

Example:

try {
  const payload = verifyToken(token);
  console.log('Valid token:', payload);
} catch (error) {
  console.error('Invalid token:', error.message);
}

Manual Setup

If you need to run setup again:

npx jwtmoshiur

Project Structure

After setup, your project will include:

your-project/
├── .env
├── utils/
│   ├── generateToken.js
│   └── verifyToken.js
├── node_modules/
│   └── jwtmoshiur/
└── package.json

Security Guidelines

  • Do not commit .env to source control.
  • Use a strong JWT secret.
  • Rotate secrets periodically.
  • Use HTTPS in production.
  • Choose an expiry period that fits your security requirements.

Troubleshooting

Setup did not run automatically

Run:

npx jwtmoshiur

Token verification fails

  • Confirm JWT_SECRET is present in .env
  • Confirm token has not expired
  • Confirm the token was generated with the same secret

.env file is missing

Run the setup command manually and verify the file exists.

License

MIT

Issue: Auto setup not working after npm install

Solution: Manually run the setup command:

npx jwtmoshiur

Or if you're in the package, run:

npm exec jwtmoshiur

Or update to v1.0.1+:

npm install jwtmoshiur@latest

Issue: Token generation fails

Solution: Ensure JWT_SECRET is set in .env

Issue: "Invalid token" error

Solution: Verify the token hasn't expired or been tampered with

Issue: .env not created

Solution: Run npx jwtmoshiur to manually trigger setup

Requirements

  • Node.js >= 14.0.0
  • npm >= 6.0.0

Dependencies

  • jsonwebtoken - JWT signing and verification
  • dotenv - Environment variable management

License

MIT License - see LICENSE file for details

Author

Created by Moshiur Rahman Deap Portfolio - (Moshiur Rahman Deap)[https://moshiurrahman.online]

Contributing

Contributions are welcome! Feel free to submit issues and pull requests.

Support

If you have any questions or issues, please open an issue on GitHub or contact the maintainer.

Happy coding! 🎉