easy-jwt

Easy JWT

Usage no npm install needed!

<script type="module">
  import easyJwt from 'https://cdn.skypack.dev/easy-jwt';
</script>

README

json logo

Easy JWT

A lightweght JSON Web Token library for node.js

Installation

npm install easy-jwt

Usage

var jwt = require('easy-jwt')

JWT Sign

jwt.sign(payload, secret_key, [options])

Payload & Secret

payload could be an object literal, buffer or string representing valid JSON.

secret is a string, buffer or an object containing the secret or encoded private key.

Options

alg algorithm used for encryption. Supported algorithms: HS256 HS384 HS512

expireDate expiry date of JSON Web Token in ms. Leave blank for no expiration.

// Sign using SHA-256 with 1 hour expiry
var secret = fs.readFileSync('secret.key')
jwt.sign({ foo: 'bar' }, secret, { alg: 'HS256', expires: Date.now() + 3600000 })

JWT Verify

jwt.verify(token, secret_key, [options])

Payload & Secret

payload JSON Web Token.

secret is a string, buffer or an object containing the secret or encoded private key.

Options

maxAge maximum age tokens are allowed to be valid after expiry. Set to 0 by default.

ignoreExpiration ignore expired token errors. False by default.

complete return header and payload in one JSON object. False by default.

// Verify JSON Web Token and return header with payload
var secret = fs.readFileSync('secret.key')
jwt.verify(token, secret, { complete: true })

Error Handling

try {
    jwt.verify(token, secret, { complete: true })
} catch (error) {
    /*
        Error: {
            "name": "TokenError",
            "message": "token expired"
        }
    */
}

SignError

This error shows up during the signing process of a JSON Web Token

Message

payload is required payload was not specified when jwt.sign was called.

invalid algorithm the algorithm you are trying to use is not supported, or does not exist.

secret is required no secret or key was specified when jwt.sign was called.

TokenError

This error shows up during the verification of a JSON Web Token

Message

token expired the JSON Web Token expired.

invalid token signature the signature of the token failed to pass verification.

incorrect token format the token specified was not using a proper JSON Web Token format.

invalid algorithm the header of the JSON Web Token contained an unsupported algorithm format.

secret is required no secret or key was specified when jwt.verify was called.