Skip to content

Node and/or Edge helper functions to create JWK's AND create and verify JWT's with the subtle crypto api (ECDSA)

License

Notifications You must be signed in to change notification settings

feelinglovelynow/jwt

Repository files navigation

🕉 @feelinglovelynow/jwt

💎 Install

pnpm add @feelinglovelynow/jwt
pnpm add buffer # only necessary if @ browser or edge (cloudflare workers)

🤓 Unit Tests

Statements

🙏 Description

  • Node and/or Edge helper functions to create JWK's, create JWT's, decode JWT's and verify JWT's with the subtle crypto api's ECDSA: SHA-512 algorithm
  • First we create JWK's which give us a private and public JWK (I love to put them in my .env file)
  • Then with the private JWK we may create JWT's
  • With the public JWK we may verify JWT's
  • And with no JWK required we may decode JWT's

💚 Create public and private JWK's

  • This function will log the public & private JWK's in the terminal
  • Calling this function is only necessary when we first create the JWK's. Once we store the pulic and private JWK's this code may be removed. So place this code locally somewhere server side, call it for the number of JWK's you'd love and then remove it when they're in your .env file. The same private JWK can create many JWT's.
import { createJWKs } from '@feelinglovelynow/jwt'

createJWKs()

💛 Create JWT

  • createJWT(jwtPayload: Object, expiresInAsSeconds: number, privateJWK: string, Buffer: any): Promise<string>
import { Buffer } from 'buffer/' // edge
import { Buffer } from 'node:buffer' // node
import { createJWT } from '@feelinglovelynow/jwt'
import { JWK_PRIVATE } from '$env/static/private'

const jwtPayload = { userId: 1 }
const expiresInAsSeconds = 32400 // 9 hours
const jwt = await createJWT(jwtPayload, expiresInAsSeconds, JWK_PRIVATE, Buffer)

🧡 Decode JWT

  • decodeJWT(jwt: string, Buffer: any): any
import { Buffer } from 'buffer/' // edge
import { Buffer } from 'node:buffer' // node
import { decodeJWT } from '@feelinglovelynow/jwt'

const decoded = decodeJWT(jwt, Buffer)
  • 🔥 Errors we may throw
if (!jwt || typeof jwt !== 'string' || jwt.split('.').length !== 3) {
  throw { id: 'fln__decode__invalid-jwt', message: 'Please provide a string token, with 3 parts, seperated by a dot', _errorData: { jwt } }
}

❤️ Verify JWT

  • verifyJWT(jwt: string, publicJWK: string, Buffer: any): Promise<any>
import { Buffer } from 'buffer/' // edge
import { Buffer } from 'node:buffer' // node
import { verifyJWT } from '@feelinglovelynow/jwt'
import { JWK_PUBLIC } from '$env/static/private'

const payload = await verifyJWT(jwt, JWK_PUBLIC, Buffer)
  • 🔥 Errors we may throw
if (!jwt || typeof jwt !== 'string' || jwt.split('.').length !== 3) {
  throw { id: 'fln__verify__bad-format', message: 'Please provide a string token, with 3 parts, seperated by a dot', _errorData: { jwt } }
}

if (expiresInAsSeconds <= now()) {
  throw { id: 'fln__verify__expired', message: 'Token has expired', _errorData: { jwt } }
}

if (!isValid) throw { id: 'fln__verify__invalid', message: 'Token is invalid', _errorData: { jwt } }

🎁 All Our Packages

  1. @feelinglovelynow/datetime-local: NPMGithub
  2. @feelinglovelynow/dgraph: NPMGithub
  3. @feelinglovelynow/env-write: NPMGithub
  4. @feelinglovelynow/get-form-entries: NPMGithub
  5. @feelinglovelynow/get-relative-time: NPMGithub
  6. @feelinglovelynow/global-style: NPMGithub
  7. @feelinglovelynow/jwt: NPMGithub
  8. @feelinglovelynow/loop-backwards: NPMGithub
  9. @feelinglovelynow/slug: NPMGithub
  10. @feelinglovelynow/svelte-catch: NPMGithub
  11. @feelinglovelynow/svelte-kv: NPMGithub
  12. @feelinglovelynow/svelte-loading-anchor: NPMGithub
  13. @feelinglovelynow/svelte-modal: NPMGithub
  14. @feelinglovelynow/svelte-turnstile: NPMGithub
  15. @feelinglovelynow/toast: NPMGithub

About

Node and/or Edge helper functions to create JWK's AND create and verify JWT's with the subtle crypto api (ECDSA)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published