This project is based on the nJwt library for Node.js developers. The aim of this project is to show how to create and test a JWT token using your own secret signing key.
- Create Signing keys
- Create a JSON token using the signing key
- Validate the token
This project uses the libraries needed for nJwt to work:
"njwt": "^1.0.0"
"secure-random": "^1.1.2"
- npm
- Node
Download the repository and run npm install inside the directory to install the dependencies.
You will find two files:
functions.js
index.js
The index.js file is a complete example of how to create and validate a JWT token.
You will first need to create a signing key:
const helper = require('./functions');
var signingKey = helper.createSigningKey();
Once you have a signing key, you can create a JWT token based on it. The only mandatory argument is a JSON claims object.
var claims = {
  iss: "http://myapp.com/", // The URL of your service
  sub: "users/user1234", // The UID of the user in your system
  scope: "self, admins",
  aud: "app-id" // Your APP ID
};
Other optional fields are the algorithm used to sign the token (HS256 by default) and the expiration time (1 hour by default). You can find more about the parameters in the documentation of the method.
var jwt = helper.createToken(claims, signingKey);
To verify the token, you can run this function:
const nJwt = require('njwt'); // needed for nJwt.verify below
nJwt.verify(jwt, signingKey, function (err, verifiedJwt) {
  if (err) {
    console.log(err); // Token has expired, has been tampered with, etc
  } else {
    console.log(verifiedJwt); // Will contain the header and body
  }
});
- If you want to create several JWT tokens to validate against a signing key, use the same signing key to create the tokens.
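What creating and verifying an HS256 token involves, and why a token only validates against the key that signed it, as an added example that is not part of this project or of nJwt. It uses Node's built-in crypto module instead of njwt and secure-random; the function names, the result shape and the 256-byte key size are assumptions.

```javascript
// Added example: HS256 sign/verify with Node's built-in crypto (not nJwt's implementation).
const { createHmac, randomBytes, timingSafeEqual } = require('crypto');

const b64url = (input) => Buffer.from(input).toString('base64url');

// 256 random bytes is an assumption for this sketch; HS256 needs at least 32.
function createSigningKey() {
  return randomBytes(256);
}

function sign(data, key) {
  return createHmac('sha256', key).update(data).digest();
}

// ttlSeconds defaults to 1 hour, the default the text above mentions.
function createToken(claims, key, ttlSeconds = 3600, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const header = b64url(JSON.stringify({ typ: 'JWT', alg: 'HS256' }));
  const body = b64url(JSON.stringify({ ...claims, iat, exp: iat + ttlSeconds }));
  return `${header}.${body}.${b64url(sign(`${header}.${body}`, key))}`;
}

// Returns { ok: true, body } or { ok: false, reason }.
function verifyToken(token, key, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [header, body, sig] = parts;
  let parsedHeader, parsedBody;
  try {
    parsedHeader = JSON.parse(Buffer.from(header, 'base64url').toString());
    parsedBody = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch (e) {
    return { ok: false, reason: 'malformed' };
  }
  // Pin the algorithm: the verifier decides it, not the token header.
  if (parsedHeader?.alg !== 'HS256') return { ok: false, reason: 'unexpected algorithm' };
  const expected = sign(`${header}.${body}`, key);
  const given = Buffer.from(sig, 'base64url');
  // Constant-time comparison; check length first because timingSafeEqual throws on mismatch.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'signature mismatch' };
  }
  if (typeof parsedBody?.exp !== 'number' || parsedBody.exp <= Math.floor(now / 1000)) {
    return { ok: false, reason: 'expired' };
  }
  return { ok: true, body: parsedBody };
}
```

A token checked against a different key, or with an edited body, fails with 'signature mismatch' before its expiration is even looked at.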
Free use.