@luvio/jwt-manager
JWT Manager is a package that simplifies the handling of JWT (JSON Web Tokens) in your application. It abstracts the process of retrieving, storing, and refreshing tokens with a clean and straightforward API.
You can add JWT Manager to your project using npm:
```
npm install @luvio/jwt-manager
```
- getJwt and refreshToken methods.
- JwtRepository for token storage and management.
- JwtResolver to retrieve tokens.

Here is a basic example of using JWT Manager in a Node.js application:
```typescript
// The example uses type annotations, so the names are imported with an ES import:
// JwtResolver is a type and cannot be used as one when pulled in via require().
import { JwtManager, JwtRepository, JwtResolver } from '@luvio/jwt-manager';

type EncodedJwtClaims = {
  exp: number;
  username: string;
};

type ExtraInfo = {
  envBaseUri: string;
};

// Your JwtResolver implementation
const jwtResolver: JwtResolver<ExtraInfo> = {
  getJwt(): Promise<{ jwt: string; extraInfo: ExtraInfo }> {
    // Placeholder: call your own token endpoint and return { jwt, extraInfo }.
    return fetch(); // resolves the jwt.
  },
};

// Your JwtRepository implementation
const jwtRepository = new JwtRepository<EncodedJwtClaims, ExtraInfo>(
  3, // notify observers 3 seconds before the token expires
  120, // if the exp claim is not provided, the token expires in 120 seconds
);

// Create JwtManager instance
const jwtManager = new JwtManager(jwtRepository, jwtResolver);

// Get a JWT
jwtManager.getJwt().then((jwt) => {
  console.log(jwt.token); // Prints the JWT
  console.log(jwt.decodedInfo); // Prints the JWT decoded information
  console.log(jwt.extraInfo); // Prints the JWT extra information
});
```
Remember that you will need to provide your own implementation of the JwtResolver interface. The JwtResolver should provide a getJwt method that retrieves a new JWT (and optionally extra info) when needed.
The package exports two main elements: the JwtManager class, the JwtRepository class, and the JwtResolver and JwtToken types.
The JwtManager class is the main class in the JWT Manager package. It exposes the following methods:

- getJwt(): Returns a JWT. If a token request is in progress, it returns the Promise of this request. If the current token is undefined or expired, it initiates a token refresh. Otherwise, it returns the current token.
- refreshToken(): Refreshes a JWT. If a refresh request is already in progress, it returns the Promise of this request. Otherwise, it starts a new refresh request and returns its Promise.

The JwtRepository class is a storage and management solution for JWT (JSON Web Tokens) within the JWT Manager package.
The class handles:
```javascript
// Use the scoped name from the install command; an unscoped 'jwt-manager'
// would resolve to a different package on the registry.
const { JwtRepository } = require('@luvio/jwt-manager');

// Create JwtRepository instance with optional parameters
// (limitInSeconds, defaultTokenTTLInSeconds and logger stand for your own values)
const jwtRepository = new JwtRepository(limitInSeconds, defaultTokenTTLInSeconds, logger);

// Set a JWT with optional extra information
jwtRepository.setToken('myJWT', { extra: 'info' });

// Get the current JWT
const currentToken = jwtRepository.token;

// Subscribe to the token nearing its expiration
const unsubscribe = jwtRepository.subscribeToTokenNearExpiration((token) => {
  console.log(`Token is about to expire: ${token}`);
});

// To unsubscribe
unsubscribe();

// Remove the current JWT
jwtRepository.removeToken();
```
JwtRepository exposes the following methods:

- constructor(limitInSeconds: number, defaultTokenTTLInSeconds: number, logger: Logger): The constructor takes optional parameters to customize its behavior. The limitInSeconds sets the time before the token's expiry to notify observers. The defaultTokenTTLInSeconds sets the default token expiry time in seconds if "exp" claim is not present in the token. logger is used for logging warnings and errors.
- token: Returns the current JWT.
- setToken(token: string, extraInfo?: ExtraInfo): Sets the current JWT with optional extra information. Returns an object of the set token.
- removeToken(): Removes the current JWT.
- subscribeToTokenNearExpiration(cb: (token: JwtToken<T, ExtraInfo>) => void): Subscribes to the token nearing its expiration. It returns a function that can be used to unsubscribe.

The JwtResolver type is used to define the structure for JWT resolver instances. It contains a getJwt method that should return a Promise with a JWT and optionally extra information.
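The behaviour described above for getJwt() and refreshToken() (concurrent callers share one pending request) and for defaultTokenTTLInSeconds (a fallback lifetime when the exp claim is absent), as an added sketch. It is not the package's source; SingleFlightJwt, expiryOf and makeSampleJwt are hypothetical names, and the sample token is constructed.

```javascript
// Added sketch, not @luvio/jwt-manager source. All names here are hypothetical.

// Read "exp" (seconds since epoch) from the JWT payload WITHOUT verifying the
// signature. This is only for client-side cache timing, never a trust decision.
function expiryOf(token, nowSec, defaultTtlSec) {
  try {
    const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64url').toString('utf8'));
    if (Number.isFinite(payload.exp)) return payload.exp;
  } catch (_) { /* malformed token: fall through to the default TTL */ }
  return nowSec + defaultTtlSec;
}

class SingleFlightJwt {
  constructor(resolver, { defaultTtlSec = 120, now = () => Date.now() / 1000 } = {}) {
    Object.assign(this, { resolver, defaultTtlSec, now });
    this.current = undefined;   // { token, exp }
    this.inFlight = undefined;  // Promise shared by concurrent callers
  }

  refreshToken() {
    if (this.inFlight) return this.inFlight;          // join the pending request
    this.inFlight = this.resolver.getJwt()
      .then(({ jwt }) => {
        this.current = { token: jwt, exp: expiryOf(jwt, this.now(), this.defaultTtlSec) };
        return this.current;
      })
      .finally(() => { this.inFlight = undefined; }); // a failed refresh must not stick
    return this.inFlight;
  }

  getJwt() {
    if (this.inFlight) return this.inFlight;
    const expired = !this.current || this.current.exp <= this.now();
    return expired ? this.refreshToken() : Promise.resolve(this.current);
  }
}

// Constructed sample token: unsigned "header.payload." with the given claims.
function makeSampleJwt(claims) {
  const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  return `${b64({ alg: 'none' })}.${b64(claims)}.`;
}
```

Clearing the shared promise in finally() means a rejected refresh is retried on the next call instead of being handed to every later caller.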
We welcome contributions! Please see our contributing guide for more details.
see the LICENSE.txt file for details.
FAQs
Luvio Next generic JWT manager
The npm package @luvio/jwt-manager receives a total of 88 weekly downloads. As such, @luvio/jwt-manager popularity was classified as not popular.
We found that @luvio/jwt-manager demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.