Node-express-jwt-lib NPM

node-express-jwt-lib

Validate a JWT, its scope and NBF (token with future created dates) to authorize access to an endpoint. Internally uses the below libraries for performing the validation

"express-jwt": "^5.3.1",
"express-jwt-authz": "^2.3.1",
"jsonwebtoken": "^8.5.1",
"jwks-rsa": "^1.5.1",

Install

$ npm install node-express-jwt-lib

express@^4.0.0 is a peer dependency. Make sure it is installed in your project.

Usage

const tokenCheckScopeCheckNbfCheck = require('node-express-jwt-lib');

app.post('/timesheets/upload',
        tokenCheckScopeCheckNbfCheck,
        function(req, res) { ... });

The JWT must have a scope claim and it must either be a string of space-separated permissions or an array of strings. For example:

// String:
"write:users read:users"

// Array:
["write:users", "read:users"]

Options

failWithError: Default set to true, will forward errors to next instead of ending the response directly. For changing the value add property FAIL_WITH_ERROR in .env file and change the value.
checkAllScopes: Default set to true, all the expected scopes will be checked against the user's scopes. For changing the value add property CHECK_ALL_SCOPES in .env file and change the value.
customScopeKey: The property name to check for the scope. By default, permissions are checked against user.scope, but you can change it to be user.myCustomScopeKey with this option. Defaults to scope.

@types/node body-parser dotenv express-jwt express-jwt-authz jsonwebtoken jwks-rsa node-fetch promise

@infinitebrahmanuniverse/nolb-node-e @everything-registry/sub-chunk-2302

6 years ago

6 years ago

6 years ago

6 years ago

6 years ago

6 years ago

6 years ago

6 years ago