express-jwt
Advanced tools
Comparing version 0.4.0 to 0.5.0
function UnauthorizedError (code, error) { | ||
Error.call(this, error.message); | ||
Error.captureStackTrace(this, this.constructor); | ||
this.name = "UnauthorizedError"; | ||
@@ -4,0 +5,0 @@ this.message = error.message; |
@@ -43,3 +43,6 @@ var jwt = require('jsonwebtoken'); | ||
} | ||
} else { | ||
} else if (options.credentialsRequired === false) { | ||
return next(); | ||
} | ||
else { | ||
return next(new UnauthorizedError('credentials_required', { message: 'No Authorization header was found' })); | ||
@@ -46,0 +49,0 @@ } |
{ | ||
"name": "express-jwt", | ||
"version": "0.4.0", | ||
"version": "0.5.0", | ||
"description": "JWT authentication middleware.", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -5,6 +5,6 @@ # express-jwt | ||
Middleware that validates JsonWebTokens and set `req.user`. | ||
Middleware that validates JsonWebTokens and sets `req.user`. | ||
This module lets you authenticate HTTP requests using JWT tokens, in your Node.js | ||
applications. JWT tokens are typically used protect API endpoints, and are | ||
This module lets you authenticate HTTP requests using JWT tokens in your Node.js | ||
applications. JWTs are typically used protect API endpoints, and are | ||
often issued using OpenID Connect. | ||
@@ -18,4 +18,5 @@ | ||
The JWT authentication middleware authenticates callers using a JWT | ||
token. If the token is valid, `req.user` will be set with the JSON object decoded to be used by later middleware for authorization and access control. | ||
The JWT authentication middleware authenticates callers using a JWT. | ||
If the token is valid, `req.user` will be set with the JSON object decoded | ||
to be used by later middleware for authorization and access control. | ||
@@ -80,2 +81,10 @@ For example, | ||
You might want to use this module to identify registered users without preventing unregistered clients to access to some data, you | ||
can do it using the option _credentialsRequired_: | ||
app.use(jwt({ | ||
secret: 'hello world !', | ||
credentialsRequired: false | ||
})); | ||
## Related Modules | ||
@@ -82,0 +91,0 @@ |
@@ -19,4 +19,4 @@ var jwt = require('jsonwebtoken'); | ||
it('should throw if no authorization header', function() { | ||
expressjwt({secret: 'shhhh'})(req, res, function(err) { | ||
it('should throw if no authorization header and credentials are required', function() { | ||
expressjwt({secret: 'shhhh', credentialsRequired: true})(req, res, function(err) { | ||
assert.ok(err); | ||
@@ -144,2 +144,9 @@ assert.equal(err.code, 'credentials_required'); | ||
it('should work if no authorization header and credentials are not required', function() { | ||
req = {}; | ||
expressjwt({secret: 'shhhh', credentialsRequired: false})(req, res, function(err) { | ||
assert(typeof err === 'undefined'); | ||
}); | ||
}); | ||
}); |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
10694
187
105