jsonwebtoken
Advanced tools
Comparing version 7.3.0 to 7.4.0
| { | ||
| "name": "jsonwebtoken", | ||
| "version": "7.3.0", | ||
| "version": "7.4.0", | ||
| "description": "JSON Web Token implementation (symmetric and asymmetric)", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -18,3 +18,3 @@ # jsonwebtoken | ||
| ### jwt.sign(payload, secretOrPrivateKey, options, [callback]) | ||
| ### jwt.sign(payload, secretOrPrivateKey, [options, callback]) | ||
@@ -46,3 +46,5 @@ (Asynchronous) If a callback is supplied, callback is called with the `err` or the JWT. | ||
| Remember that `exp`, `nbf` and `iat` are **NumericDate**, see related [Token Expiration (exp claim)](#token-expiration-exp-claim) | ||
| The header can be customized via the `option.header` object. | ||
@@ -49,0 +51,0 @@ |
@@ -46,3 +46,8 @@ var Joi = require('joi'); | ||
| module.exports = function (payload, secretOrPrivateKey, options, callback) { | ||
| options = options || {}; | ||
| if (typeof options === 'function') { | ||
| callback = options; | ||
| options = {}; | ||
| } else { | ||
| options = options || {}; | ||
| } | ||
@@ -49,0 +54,0 @@ var isObjectPayload = typeof payload === 'object' && |
@@ -21,3 +21,3 @@ var jwt = require('../index'); | ||
| it('should work', function (done) { | ||
| it('should work with empty options', function (done) { | ||
| jwt.sign({abc: 1}, "secret", {}, function (err, res) { | ||
@@ -29,2 +29,9 @@ expect(err).to.be.null(); | ||
| it('should work without options object at all', function (done) { | ||
| jwt.sign({abc: 1}, "secret", function (err, res) { | ||
| expect(err).to.be.null(); | ||
| done(); | ||
| }); | ||
| }); | ||
| it('should return error when secret is not a cert for RS256', function(done) { | ||
@@ -31,0 +38,0 @@ //this throw an error because the secret is not a cert and RS256 requires a cert. |
@@ -18,3 +18,3 @@ var jwt = require('../index'); | ||
| it('should without options', function(done) { | ||
| it('should be able to validate without options', function(done) { | ||
| var callback = function(err, decoded) { | ||
@@ -81,2 +81,9 @@ assert.ok(decoded.foo); | ||
| }); | ||
| it('should default to HS256 algorithm when no options are passed', function() { | ||
| var token = jwt.sign({ foo: 'bar' }, secret); | ||
| var verifiedToken = jwt.verify(token, secret); | ||
| assert.ok(verifiedToken.foo); | ||
| assert.equal('bar', verifiedToken.foo); | ||
| }); | ||
| }); | ||
@@ -83,0 +90,0 @@ |
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by42.31%
403418
- Number of package files
- increased by29.03%
80
- Lines of code
- increased by18.64%
3825
- Number of lines in readme file
- increased by0.68%
298
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Number of low supply chain risk alerts
- increased by33.33%
8