jsonwebtoken
Advanced tools
Comparing version 7.3.0 to 7.4.0
{ | ||
"name": "jsonwebtoken", | ||
"version": "7.3.0", | ||
"version": "7.4.0", | ||
"description": "JSON Web Token implementation (symmetric and asymmetric)", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -18,3 +18,3 @@ # jsonwebtoken | ||
### jwt.sign(payload, secretOrPrivateKey, options, [callback]) | ||
### jwt.sign(payload, secretOrPrivateKey, [options, callback]) | ||
@@ -46,3 +46,5 @@ (Asynchronous) If a callback is supplied, callback is called with the `err` or the JWT. | ||
Remember that `exp`, `nbf` and `iat` are **NumericDate**, see related [Token Expiration (exp claim)](#token-expiration-exp-claim) | ||
The header can be customized via the `option.header` object. | ||
@@ -49,0 +51,0 @@ |
@@ -46,3 +46,8 @@ var Joi = require('joi'); | ||
module.exports = function (payload, secretOrPrivateKey, options, callback) { | ||
options = options || {}; | ||
if (typeof options === 'function') { | ||
callback = options; | ||
options = {}; | ||
} else { | ||
options = options || {}; | ||
} | ||
@@ -49,0 +54,0 @@ var isObjectPayload = typeof payload === 'object' && |
@@ -21,3 +21,3 @@ var jwt = require('../index'); | ||
it('should work', function (done) { | ||
it('should work with empty options', function (done) { | ||
jwt.sign({abc: 1}, "secret", {}, function (err, res) { | ||
@@ -29,2 +29,9 @@ expect(err).to.be.null(); | ||
it('should work without options object at all', function (done) { | ||
jwt.sign({abc: 1}, "secret", function (err, res) { | ||
expect(err).to.be.null(); | ||
done(); | ||
}); | ||
}); | ||
it('should return error when secret is not a cert for RS256', function(done) { | ||
@@ -31,0 +38,0 @@ //this throw an error because the secret is not a cert and RS256 requires a cert. |
@@ -18,3 +18,3 @@ var jwt = require('../index'); | ||
it('should without options', function(done) { | ||
it('should be able to validate without options', function(done) { | ||
var callback = function(err, decoded) { | ||
@@ -81,2 +81,9 @@ assert.ok(decoded.foo); | ||
}); | ||
it('should default to HS256 algorithm when no options are passed', function() { | ||
var token = jwt.sign({ foo: 'bar' }, secret); | ||
var verifiedToken = jwt.verify(token, secret); | ||
assert.ok(verifiedToken.foo); | ||
assert.equal('bar', verifiedToken.foo); | ||
}); | ||
}); | ||
@@ -83,0 +90,0 @@ |
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
403418
80
3825
298
0
8