Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

node-express-jwt-lib

z0040mds4ISC1.0.7TypeScript support: included

JWT validation jwt libraries

readme

node-express-jwt-lib

Validate a JWT, its scope and NBF (token with future created dates) to authorize access to an endpoint. Internally uses the below libraries for performing the validation

"express-jwt": "^5.3.1",
"express-jwt-authz": "^2.3.1",
"jsonwebtoken": "^8.5.1",
"jwks-rsa": "^1.5.1",

Install

$ npm install node-express-jwt-lib

express@^4.0.0 is a peer dependency. Make sure it is installed in your project.

Usage

`type script const tokenCheckScopeCheckNbfCheck = require('node-express-jwt-lib');

app.post('/timesheets/upload', tokenCheckScopeCheckNbfCheck, function(req, res) { ... });


The JWT must have a `scope` claim and it must either be a string of space-separated permissions or an array of strings. For example:

// String: "write:users read:users"

// Array: ["write:users", "read:users"] `

Options

  • failWithError: Default set to true, will forward errors to next instead of ending the response directly. For changing the value add property FAIL_WITH_ERROR in .env file and change the value.
  • checkAllScopes: Default set to true, all the expected scopes will be checked against the user's scopes. For changing the value add property CHECK_ALL_SCOPES in .env file and change the value.
  • customScopeKey: The property name to check for the scope. By default, permissions are checked against user.scope, but you can change it to be user.myCustomScopeKey with this option. Defaults to scope.