New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →

Book a Demo Sign in

Book a Demo Sign in

@whop-apps/auth

Package Overview

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

@whop-apps/auth

The `auth` package exports one main function: `validateToken`

canary

latest

Version: 0.0.1-canary.117

Version published: 9 months ago

Maintainers: 3

Created: 3 years ago

Auth Docs

The auth package exports one main function: validateToken

`validateToken`

The validateToken function is will take in a string / request or headers object and validate the user auth JWT set by the cloudflare app proxy.

This function ensures that the token included in the request is from a legitimate user. This user's userId is returned in the response.

If the dontThrow parameter is specified the function is guaranteed to not throw errors and will instead return null if the token is invalid.

It depends on the @whop-apps/core package to get the public key and app id from the env.

Required env variables:

WHOP_JWT_PK - the public key to verify JWT. encoded as a JWK
NEXT_PUBLIC_WHOP_APP_ID - the id of the current app.

You can also override both of these in the function arguments

Errors

all errors thrown by this package are instances of AuthError which extends Error and has the following properties:

code - the error code (a more machine readable / parse-able version of the error)

FAQs

What is @whop-apps/auth?

Is @whop-apps/auth well maintained?

Package last updated on 26 Jun 2025

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Related posts