fastify-jwt - npm Package Compare versions

Comparing version 2.2.0 to 2.3.0

jwt.d.ts

@@ -9,10 +9,21 @@ import * as fastify from 'fastify'
  * declare module 'fastify-jwt' {
- *   interface Payload {
- *     type: { name: string; email: string }
+ *   interface FastifyJWT {
+ *     payload: { name: string; email: string }
  *   }
  * }
  * ```
+ * @example
+ * ```
+ * // With `formatUser`.
+ * declare module 'fastify-jwt' {
+ *   interface FastifyJWT {
+ *     payload: { Name: string; e_mail: string }
+ *     user: { name: string; email: string }
+ *   }
+ * }
+ * ```
  */
 export interface FastifyJWT {
   // payload: ...
+  // user: ...
 }
@@ -26,2 +37,6 @@
 
+export type UserType = FastifyJWT extends { user: infer T }
+  ? T
+  : SignPayloadType
+
 export type Secret = jwt.Secret | ((request: fastify.FastifyRequest, reply: fastify.FastifyReply, cb: (e: Error | null, secret: string | undefined) => void) => void)
@@ -53,2 +68,3 @@
   trusted?: (request: fastify.FastifyRequest, decodedToken: { [k: string]: any }) => boolean | Promise<boolean> | SignPayloadType | Promise<SignPayloadType>
+  formatUser?: (payload: SignPayloadType) => UserType
 }
@@ -94,4 +110,4 @@
     jwtVerify<Decoded extends VerifyPayloadType>(options: jwt.VerifyOptions, callback: VerifyCallback<Decoded>): void
-    user: SignPayloadType
+    user: UserType
   }
 }

jwt.js

@@ -58,2 +58,3 @@ 'use strict'
   const cookie = options.cookie
+  const formatUser = options.formatUser
 
@@ -276,4 +277,5 @@ const decodeOptions = options.decode || {}
       } else {
-        request.user = result
-        next(null, result)
+        const user = formatUser ? formatUser(result) : result
+        request.user = user
+        next(null, user)
       }
@@ -280,0 +282,0 @@ })

jwt.test-d.ts

@@ -44,3 +44,11 @@ import fastify from 'fastify';
   },
-  trusted: () => false || '' || Buffer.from('foo')
+  trusted: () => false || '' || Buffer.from('foo'),
+  formatUser: payload => {
+    const objectPayload = typeof payload === 'string'
+      ? JSON.parse(payload)
+      : Buffer.isBuffer(payload)
+        ? JSON.parse(payload.toString())
+        : payload;
+    return { name: objectPayload.userName }
+  }
 }
@@ -87,1 +95,13 @@
 // }
+
+// Custom payload with formatUser
+// declare module './jwt' {
+//   interface FastifyJWT {
+//     payload: {
+//       user: string
+//     }
+//     user: {
+//       name: string
+//     }
+//   }
+// }

package.json

 {
   "name": "fastify-jwt",
-  "version": "2.2.0",
+  "version": "2.3.0",
   "description": "JWT utils for Fastify",
@@ -5,0 +5,0 @@ "main": "jwt.js",

README.md

@@ -307,2 +307,24 @@ # fastify-jwt
 
+#### Example with formatted user
+You may customize the `request.user` object setting a custom sync function as parameter:
+
+```js
+const fastify = require('fastify')();
+fastify.register(require('fastify-jwt'), {
+  formatUser: function (user) {
+    return {
+      departmentName: user.department_name
+      name: user.name
+    }
+  },
+  secret: 'supersecret'
+});
+
+fastify.addHook('onRequest', (request, reply) =>  request.jwtVerify());
+
+fastify.get("/", async (request, reply) => {
+  return `Hello, ${request.user.name} from ${request.user.departmentName}.`;
+});
+```
+
 ### fastify.jwt.sign(payload [,options] [,callback])
@@ -309,0 +331,0 @@ The `sign` method is an implementation of [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken#jwtsignpayload-secretorprivatekey-options-callback) `.sign()`. Can be used asynchronously by passing a callback function; synchronously without a callback.

test.js

@@ -2041,1 +2041,69 @@ 'use strict'
 })
+
+test('format user', function (t) {
+  t.plan(2)
+
+  const fastify = Fastify()
+  fastify.register(jwt, { secret: 'test', formatUser: (payload) => ({ baz: payload.foo }) })
+
+  fastify.post('/sign', async function (request, reply) {
+    const token = await reply.jwtSign(request.body)
+    return { token }
+  })
+
+  fastify.get('/check-decoded-token', async function (request, reply) {
+    const decodedToken = await request.jwtVerify()
+    return reply.send(decodedToken)
+  })
+
+  fastify.get('/check-user', async function (request, reply) {
+    await request.jwtVerify()
+    return reply.send(request.user)
+  })
+
+  t.test('result of jwtVerify is the result of formatUser', async function (t) {
+    t.plan(3)
+
+    const signResponse = await fastify.inject({
+      method: 'post',
+      url: '/sign',
+      payload: { foo: 'bar' }
+    })
+    const token = JSON.parse(signResponse.payload).token
+    t.ok(token)
+
+    const response = await fastify.inject({
+      method: 'get',
+      url: '/check-decoded-token',
+      headers: {
+        authorization: `Bearer ${token}`
+      }
+    })
+    const user = JSON.parse(response.payload)
+    t.is(user.foo, undefined)
+    t.is(user.baz, 'bar')
+  })
+
+  t.test('user is set to the result of formatUser', async function (t) {
+    t.plan(3)
+
+    const signResponse = await fastify.inject({
+      method: 'post',
+      url: '/sign',
+      payload: { foo: 'bar' }
+    })
+    const token = JSON.parse(signResponse.payload).token
+    t.ok(token)
+
+    const response = await fastify.inject({
+      method: 'get',
+      url: '/check-user',
+      headers: {
+        authorization: `Bearer ${token}`
+      }
+    })
+    const user = JSON.parse(response.payload)
+    t.is(user.foo, undefined)
+    t.is(user.baz, 'bar')
+  })
+})

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

103989

increased by3.25%

Lines of code

2280

increased by4.25%

Number of lines in readme file

604

increased by3.78%

No dependency changes