express-jwt - npm Package Compare versions

Comparing version 7.4.3 to 7.5.0

dist/index.d.ts

		import * as jwt from 'jsonwebtoken';
		import * as express from 'express';
		import expressUnless from 'express-unless';
		export declare type GetVerificationKey = (req: express.Request, token: jwt.Jwt \| undefined) => Promise<jwt.Secret>;
		export declare type IsRevoked = (req: express.Request, token: jwt.Jwt \| undefined) => Promise<boolean>;
		declare type TokenGetter = (req: express.Request) => string \| Promise<string> \| undefined;
		export declare type GetVerificationKey = (req: express.Request, token: jwt.Jwt \| undefined) => jwt.Secret \| Promise<jwt.Secret>;
		export declare type IsRevoked = (req: express.Request, token: jwt.Jwt \| undefined) => boolean \| Promise<boolean>;
		export declare type TokenGetter = (req: express.Request) => string \| Promise<string> \| undefined;
		declare type Params = {
		@@ -12,2 +12,3 @@ secret: jwt.Secret \| GetVerificationKey;
		credentialsRequired?: boolean;
		requestProperty?: string;
		} & jwt.VerifyOptions;
		@@ -14,0 +15,0 @@ export { UnauthorizedError } from './errors/UnauthorizedError';

dist/index.js

		@@ -84,2 +84,3 @@ "use strict";
		var credentialsRequired = typeof options.credentialsRequired === 'undefined' ? true : options.credentialsRequired;
		var requestProperty = typeof options.requestProperty === 'string' ? options.requestProperty : 'auth';
		var middleware = function (req, res, next) {
		@@ -167,3 +168,3 @@ return __awaiter(this, void 0, void 0, function () {
		request = req;
		request.auth = decodedToken.payload;
		request[requestProperty] = decodedToken.payload;
		next();
		@@ -170,0 +171,0 @@ return [3 /break/, 8];

package.json

		{
		"name": "express-jwt",
		"version": "7.4.3",
		"version": "7.5.0",
		"description": "JWT authentication middleware.",
		@@ -5,0 +5,0 @@ "keywords": [

README.md

		@@ -11,2 +11,21 @@ # express-jwt

		## API

		`expressjwt(options)`

		Options has the following paramters:

		- `secret: jwt.Secret \| GetVerificationKey` (required): The secret as an string or a function to retrieve the secret.
		- `getToken?: TokenGetter` (optional): A function that receives the express `Request` and returns the token, by default it looks in the `Authorization` header.
		- `isRevoked?: IsRevoked` (optional): A function to verify if a token is revoked.
		- `credentialsRequired?: boolean` (optional): If its false, continue to the next middleware if the request does not contain a token instead of failing, defaults to true.
		- `requestProperty?: string` (optional): name of the property in the request object where the payload is set. Default to `req.auth`.
		- Plus... all the options available in the [jsonwebtoken verify function](https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback).

		The available functions have the following interface:

		- `GetVerificationKey = (req: express.Request, token: jwt.Jwt \| undefined) => Promise<jwt.Secret>;`
		- `IsRevoked = (req: express.Request, token: jwt.Jwt \| undefined) => Promise<boolean>;`
		- `TokenGetter = (req: express.Request) => string \| Promise<string> \| undefined;`

		## Usage
		@@ -239,2 +258,9 @@

		## Migration from v6

		1. The middleware function is now available as a named import rather than a default one: import { expressjwt } from 'express-jwt'
		2. The decoded JWT payload is now available as req.auth rather than req.user
		3. The `secret` function had `(req, header, payload, cb)`, now it can return a promise and receives `(req, token)`. `token` has `header` and `payload`.
		4. The `isRevoked` function had `(req, payload, cb)`, now it can return a promise and receives `(req, token)`. `token` has `header` and `payload`.

		## Related Modules
		@@ -241,0 +267,0 @@

express-jwt - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics