Custom lib (or logic)

[yovanoc]

It would be good to let the user choose the implementation for his JWT methods (sign, verify etc).
or another lib like jose

[Camji55]

@yovanoc, The latest release, v1.1.0 https://github.com/Camji55/nexus-plugin-jwt-auth/releases/tag/v1.1.0 adds a setting to pass in custom verify logic. I'll leave this Issue open for the time being because I would like to get it documented and possibly add a sign setting.

[AzSiAz]

Possible to add an "async" verify, to use with something like this:

import * as jwt from 'jsonwebtoken'

export const verifyToken = (req: Request, next) => {
    const token = extractToken(req)
    jwt.verify(token, getKey, (err, decoded) => {
        next(decoded)
    })
}

My purpose is to verify a token from auth0

[fflores97]

May I also suggest making the appSecret argument optional? If one implements any non-secret-based JWT verification (as is the case with @AzSiAz and myself), the secret isn't used in the logic at all.

[Camji55]

May I also suggest making the appSecret argument optional? If one implements any non-secret-based JWT verification (as is the case with @AzSiAz and myself), the secret isn't used in the logic at all.

@fflores97 & @AzSiAz: Would this work for y'all? https://github.com/Camji55/nexus-plugin-jwt-auth/pull/45/files

[fflores97]

Looks great! Way better than the hacky thing I put together hahaha. Thanks for the work @Camji55 !