jsontokens
Advanced tools
node.js library for encoding, decoding, and verifying JSON Web Tokens (JWTs)
node.js library for signing, decoding, and verifying JSON Web Tokens (JWTs) with the ES256K signature scheme (which uses the secp256k elliptic curve). This is currently the only supported signing and verification scheme for this library.
npm install jsontokens
import { TokenSigner } from 'jsontokens'
const rawPrivateKey = '278a5de700e29faae8e40e366ec5012b5ec63d36ec77e8a2417154cc1d25383f'
const tokenPayload = {"iat": 1440713414.85}
const token = new TokenSigner('ES256K', rawPrivateKey).sign(tokenPayload)
import { createUnsecuredToken } from 'jsontokens'
const unsecuredToken = createUnsecuredToken(tokenPayload)
import { decodeToken } = from 'jsontokens'
const tokenData = decodeToken(token)
The TokenVerifier class will validate that a token is correctly signed. It does not perform checks on the claims in the payload (e.g., the exp field)--- checking the expiration field, etc., is left as a requirement for callers.
import { TokenVerifier } from 'jsontokens'
const rawPublicKey = '03fdd57adec3d438ea237fe46b33ee1e016eda6b585c3e27ea66686c2ea5358479'
const verified = new TokenVerifier('ES256K', rawPublicKey).verify(token)
eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
FAQs
node.js library for encoding, decoding, and verifying JSON Web Tokens (JWTs)
The npm package jsontokens receives a total of 23,088 weekly downloads. As such, jsontokens popularity was classified as popular.
We found that jsontokens demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncovered a malicious PyPI package exploiting Deezer’s API to enable coordinated music piracy through API abuse and C2 server control.
Research
The Socket Research Team discovered a malicious npm package, '@ton-wallet/create', stealing cryptocurrency wallet keys from developers and users in the TON ecosystem.
Security News
Newly introduced telemetry in devenv 1.4 sparked a backlash over privacy concerns, leading to the removal of its AI-powered feature after strong community pushback.