0.2.2 • Published 1 year ago
mini-jwt v0.2.2
mini-jwt
A better, faster, lighter and more secure version of jsonwebtoken
Features
- Encrypt data using a secret
- Decrypt a token with secret to retrive data back
Installation
To install mini-jwt
# with npm:
npm install mini-jwt --save
# with yarn:
yarn add mini-jwt
Usage
mini-jwt
exports different functions for data encryption for different use cases:
Faster Usage
For a faster (but less secure) encoding and decoding of data using a secret, mini-jwt
exports the following functions:
sign(secret, data, options)
: returns encoded token(technically, not a jwt)verify(secret, token)
: returns decoded data
import { sign, verify } from 'mini-jwt'
const secret = 'top-secret'
const token = sign(secret, { uid: 'user_id' }, { sl: 8 }) // no expiration
const data = verify(secret, token)
console.log(data) // { uid: 'user_id' }
secret
can be string
data
can be an object literal, buffer or string representing valid JSON.
options
:
expiresIn
can be a numeric value representing time in ms (no expiration by default).sl
can be a numberic value representing salt length (default value is16
). Salt is a random string which is added on top of data to keep the token different everytime even for the same data.
More secure Usage
For a more secure (but slower) encryption and decryption of data using a secret, mini-jwt
exports the following functions that uses sjcl under the hood:
encrypt(secret, data, options)
: return encrypted token(technically, not a jwt)decrypt(secret, token)
: returns decrypted data
import { encrypt, decrypt } from 'mini-jwt'
const secret = 'top-secret'
const token = encrypt(secret, { uid: 'user_id' }, { expiresIn: 180000 }) // will expire after 30 minutes of token creation
const data = decrypt(secret, token)
console.log(data) // { uid: 'user_id' }
secret
can be string
data
can be an object literal, buffer or string representing valid JSON.
options
:
expiresIn
can be a numeric value representing time in ms (no expiration by default).