Proof of concept of NGINX + JWT Validation
allows extending NGINX functionalities: https://nginx.org/en/docs/njs/
We will try to consume a protected static file, that will be accessible only when a valid token is provided.
NGINX can already validate JWT Tokens, but only with the Plus subscription
- Web Browser
Clone the repository, cd into and then
bash pull.sh bash start.sh
The container will start and attach to port 81.
You must have a valid JWT token, for example the following one
but using a wrong token
will return an error.
Moreover, a static test file with no JWT validation is provided at
The secret used to validate this token is "secret" (look in
A benchmark to measure the overhead of this kind of validation is provided here: https://github.com/lombax85/nginx-njs-benchmark
- The token validation has been done with a slightly modified version of https://github.com/hokaccha/node-jwt-simple