jsonwebtoken
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|---|---|---|---|---|
jws | 3.2.2 | 5.75 kB | MIT | prod | |
lodash.includes | 4.3.0 | 6.05 kB | MIT | prod | |
lodash.isboolean | 3.0.3 | 2.06 kB | MIT | prod | |
lodash.isinteger | 4.0.4 | 3.38 kB | MIT | prod | |
lodash.isnumber | 3.0.3 | 2.14 kB | MIT | prod | |
lodash.isplainobject | 4.0.6 | 2.96 kB | MIT | prod | |
lodash.isstring | 4.0.1 | 2.13 kB | MIT | prod | |
lodash.once | 4.1.1 | 3.81 kB | MIT | prod | |
ms | 2.1.3 | 2.9 kB | MIT | prod | |
semver | 7.6.1 | 93.27 kB | ISC | prod |
jsonwebtoken is a reliable JavaScript library that implements JSON Web Tokens (JWTs). JWT is a standard way to create access tokens with detailed explicit claims that are securely encrypted with a private and/or public key. The tokens are used mainly for authentication and secure information exchange.
To make use of jsonwebtoken, you first need to install it through npm with the command npm install jsonwebtoken
. Once installed, you can require the library in your JavaScript code with var jwt = require('jsonwebtoken');
.
Creating JWTs requires the sign
method, which creates a new token with a specific payload and secret. Here is a simple demonstration of its usage:
var jwt = require('jsonwebtoken');
var token = jwt.sign({ foo: 'bar' }, 'shhhhh');
In this instance, { foo: 'bar' }
is the payload and 'shhhhh'
stands as the secret. The sign
method will return a token string.
To verify the integrity of the token, jsonwebtoken provides the verify
function which checks if the token is valid using a secret or a public key. If successful, a decoded payload is returned. A failure will throw an error.
var decodedPayload = jwt.verify(token, 'shhhhh');
console.log(decodedPayload.foo) // Outputs: bar
In the above example, the verify
method accepts several options for doing things like checking the issuer, verifying correct audience, or checking token lifespan.
The jsonwebtoken documentation, including more detailed instructions and usage examples, is available on their GitHub repository at https://github.com/auth0/node-jsonwebtoken.