Authenticate
Last updated
Last updated
Authenticate module provides simple authentication mechanism utilizing . While there are more robust solutions such as , they are often too opinionated and bound to certain frameworks. Authenticate module provides clean API to implement JWT authentication with minimal level of abstraction.
Module is configured by passing configuration object with secret
used for signing tokens and optional authorizationFn
:
key
type
description
secret
string
Secret key used for signing the token
authorizationFn (optional)
function
function that checks if token should be issued, and returns payload* for the token
NOTE: authorizationFn
can be sync or async function and it must resolve and return an payload object
or to reject and throw an error.
We will configure Authenticate module to use DEAD_SIMPLE_KEY
(in production use safe and unpredictable keys), and a dummy authorizationFn
that will return username if it's passed to function.
We can now issue tokens as:
To verify the token, we use verify
method from Authenticate module as following:
authorizationFn
)If you do not provide authorizationFn
, you need to sign your payload manually, using sign
method:
You can preview complete implementation in example.