Skip to content

kevinadhiguna/js-create-jwt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

61 Commits
.github/workflows
.github/workflows
Β 
Β 
.dockerignore
.dockerignore
Β 
Β 
.env.example
.env.example
Β 
Β 
.gitignore
.gitignore
Β 
Β 
Dockerfile
Dockerfile
Β 
Β 
README.md
README.md
Β 
Β 
createJWT.js
createJWT.js
Β 
Β 
docker-compose.yml
docker-compose.yml
Β 
Β 
package.json
package.json
Β 
Β 
yarn.lock
yarn.lock
Β 
Β 

Repository files navigation


JavaScript - Create JWT πŸ”‘

A JavaScript program to create a JSON Web Token (JWT), powered by jsonwebtoken library.

JavaScript JSON Web Token NodeJS

πŸ“š Table of Contents

  1. 🧐 What is JWT ?
  2. βš™οΈ Prerequisites
  3. 🧢 How to Run (using Yarn)
  4. πŸ‹ How to Run (using Docker)
  5. 🌊 How to Run (pull from DockerHub)
  6. 🐳 How to Run (using docker-compose)

🧐 What is JWT ?

JWT stands for JSON Web Token that is used to authenticate a user/session to backend services and also to authenticate between backend services.

A JWT consists of three parts:

  1. Header (Metadata of JWT which are usually encoding algorithm and token type)
  2. Payload (Data that are encoded in JWT, do not store any sensitive data)
  3. Signature (A random string that is generated by Header + Payload + Secret)

The signing algorithm which is usually HS256, utilizes the header, the payload, and the secret to generate a string named signature. The figure below illustrates the signing process :

JWT-signing-process
(image from : StackOverflow - What is secret key for JWT based authentication and how to generate it?)

In the server-side which stores the secret (used to generate a signature), the JWT verification process occurrs. The figure below gives an illustration :

JWT-verification-process
(image from : StackOverflow - What is secret key for JWT based authentication and how to generate it?)

The JWT from the client is decoded to a header and a paylaod. Then both of them are combined with the secret in the server-side to geenrate a test signature. As a result, if test siganture matches the original signature that comes within the JWT from the client, it is verified succesfully which means the JWT is valid. Otherwise, it's invalid and data probably have been modified.

References :


βš™οΈ Prerequisites

Prerequisites means what you should prepare/have before diving into a project. You should have NodeJS installed in your laptop/computer.

This project was created and tested using NodeJS v14.17.5. Hence, NodeJS version 14.17.5 or above should work.


🧢 How to Run (using Yarn):

  1. Clone this repository : 
git clone https://github.com/kevinadhiguna/js-create-jwt

  1. Install dependencies : 
yarn

or

npm install

  1. Create environment variables (.env file) by copying .env.example file :
cp .env.example .env

  1. Generate secret and put it into .env file :
openssl rand 64 | base64 # (linux/macOS users)

or

node -e "console.log(require('crypto').randomBytes(64).toString('base64'))" # (all users)

  1. Generate a new JWT : 
yarn generate

or

npm run generate

πŸ‹ How to Run (using Docker):

You can either choose to build docker image by yourself or pull the docker image from DockerHub.

If you want to build docker image:

  1. Clone this repository : 
git clone https://github.com/kevinadhiguna/js-create-jwt
  1. Build the docker image : 
docker build -t js-jwt .

Note: you can replace js-jwt with docker image name that you want.

  1. Generate secret : 
openssl rand 64 | base64 # (linux/macOS users)

or

node -e "console.log(require('crypto').randomBytes(64).toString('base64'))" # (all users)

Copy the result (secret) so that you can paste it as JWT_SECRET value in the next command.

  1. Run the docker image :

    Let's say the secret is w4KuiqUDzvjIFBA4jHpUfjAeOOCH1DHJOODHkGXBUYLtK0bnp26GDM6WQvRUZtu2pgp3WiL5oFgz6XoSN7Q4VA==. Then pass it as the JWT_SECRET value.
docker run -e JWT_SECRET=w4KuiqUDzvjIFBA4jHpUfjAeOOCH1DHJOODHkGXBUYLtK0bnp26GDM6WQvRUZtu2pgp3WiL5oFgz6XoSN7Q4VA== js-jwt

🌊 How to Run (pull from DockerHub):

If you want to pull the docker image from DockerHub, here are the steps:

  1. Pull the docker image:
docker pull kevinadhiguna/js-create-jwt:latest
  1. Generate secret : 
openssl rand 64 | base64 # (linux/macOS users)

or

node -e "console.log(require('crypto').randomBytes(64).toString('base64'))" # (all users)

Copy the result (secret) so that you can paste it as JWT_SECRET value in the next command.

  1. Run the docker image :

    Let's say the secret is w4KuiqUDzvjIFBA4jHpUfjAeOOCH1DHJOODHkGXBUYLtK0bnp26GDM6WQvRUZtu2pgp3WiL5oFgz6XoSN7Q4VA==. Then pass it as the JWT_SECRET value.
docker run -e JWT_SECRET=w4KuiqUDzvjIFBA4jHpUfjAeOOCH1DHJOODHkGXBUYLtK0bnp26GDM6WQvRUZtu2pgp3WiL5oFgz6XoSN7Q4VA== kevinadhiguna/js-create-jwt:latest

🐳 How to Run (using docker-compose):

  1. Clone this repository : 
git clone https://github.com/kevinadhiguna/js-create-jwt
  1. Generate secret : 
openssl rand 64 | base64 # (linux/macOS users)

or

node -e "console.log(require('crypto').randomBytes(64).toString('base64'))" # (all users)

Copy the result (secret) so that you can paste it as JWT_SECRET value in .env file.

  1. Run docker-compose : 
docker-compose up

Hello !

About

πŸ”‘ A JavaScript program to create a JSON Web Token (JWT), powered by jsonwebtoken library.

Topics

docker jwt docker-compose jwt-authentication

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages