@micro-xpress/jwt NPM

MicroXpress JWT

MicroXpress JWT is a JWT (JSON Web Token) authentication module for the MicroXpress proprietary framework. It provides seamless JWT generation, verification, and token-based authentication middleware for microservices.

Installation

Install the package via npm:

npm install @micro-xpress/jwt

Or using Yarn:

yarn add @micro-xpress/jwt

Features

JWT Token Generation & Verification
JWKS Generation using RSA public key
Middleware for Authentication & Authorization
Configurable Secret & Expiry Settings
Support for Token Revocation
Integrates with MicroXpress

Getting Started

Generating a JWT

const jwt = require('@micro-xpress/jwt');
const privateKey = fs.readFileSync('privatekey.pem');
const token = jwt.sign(
    {
        foo: 'bar',
        exp: Math.floor(Date.now() / 1000) + 60 * 60,
        aud: 'example.com',
        sub: 'userId12345',
        iss: 'example.com',
    },
    'abcdefghijk',
    privateKey
);
console.log('Generated Token:', token);

Verifying a JWT

const jwt = require('@micro-xpress/jwt');
/**
 * you must have to set JWKS_URL environment variable which should be publicly accessible.
 * e.g. https://example.com/.well-known/jwks
 */
jwt.verify(jwtToken, (err, decoded) => {
    if (err) {
        throw err;
    }
    console.log('Decoded Payload:', decoded);
});

Generating JWKS

const jwt = require('@micro-xpress/jwt');
const fs = require('fs');
const publicKey = fs.readFileSync('public_key.pem');
// you must set JWKS_JSON_FILE_PATH environment variable.
jwt.generateJwks(publicKey);

Middleware Integration

Use the JWT authentication middleware in your MicroXpress application.

const { jwtHandler } = require('@micro-xpress/jwt');
const express = require('express');
const app = express();
app.use(jwtHandler());

To protect specific routes:

const jwt = require('@micro-xpress/jwt');

//This code is executed for every request to the handler. NOTE: The middlewares will be executed in the order.
const middlewares = [
    (req, res, next) => {
        if (!req.headers.authorization) {
            return res.status(401).json({ message: 'Unauthorized' });
        }
        const token = req.headers.authorization.replace('Bearer ', '');
        jwt.verify(token, (err, user) => {
            if (err) {
                throw err;
            }
            req.user = user;
            next();
        });
    },
];

// A handler that handles PUT requests to the /pet path
function updatePet(req, res) {
    const { msg } = req.query;
    return res.json({
        update: msg,
    });
}

module.exports = { middlewares, updatePet };

Contributing

We welcome contributions to @micro-xpress/jwt! If you have a feature request or find a bug, please open an issue or submit a pull request. Follow the contribution guidelines for more details.

License

@micro-xpress/jwt is licensed under the MIT License.

micro-xpress-jwt micro-xpress micro express xpress framework web http rest restful router app api microservice webservice jwt security auth jwks

jsonwebtoken jwks-rsa node-jose @micro-xpress/utils

1.0.0

9 months ago

@micro-xpress/jwt v1.0.0