
A fully functional JWT authentication library for securely generating, verifying, and managing JSON Web Tokens.
A simple and secure JWT authentication library for Node.js, providing functions to create access tokens and refresh tokens.
🔐 Create JWT tokens with a secret key.
🪪 Generate access tokens with customizable expiration and algorithm.
📥 Decode JWT tokens without verifying the signature.
✅ Verify token authenticity and integrity.
⌛ Check if a token is expired.
npm install jwt-auths
const jwtAuth = require('jwt-auths');
const accessToken = jwtAuth.createAccessToken('your-secret-key', { userId: 123 }, { expiresIn: '1h', algorithm: 'HS256' });
The createAccessToken function generates a new JWT access token. It now takes the secret key first, followed by the payload (your user data), and an optional options object for configuration.
Parameters:
secretKey (String) - The secret key used for signing the token. This should be a strong, securely stored string.
payload (Object) - A JavaScript object containing the user data you want to encode in the token. It's best practice to include non-sensitive data here, such as userId, role, or username.
options (Object, optional) - An object to customize the token's properties. If not provided, the default options will be used.
  expiresIn (String | Number) - The expiration time for the token (e.g., "1h", "7d", or 3600 for 1 hour in seconds). By default, this is set to '15m' (15 minutes), as defined in the default options below.
  algorithm (String) - The algorithm used to sign the token (e.g., "HS256", "RS256"). The default algorithm is 'HS256'.
const defaultAccessTokenOptions = {
  expiresIn: '15m',
  algorithm: 'HS256',
};
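// Create a refresh token (secret key, payload, options)
const refreshToken = jwtAuth.createRefreshToken('your-secret-key', { userId: 123 }, { expiresIn: '7d', algorithm: 'HS256' });
// Verify an access token (token first, then the secret key)
const accessPayload = jwtAuth.verifyAccessToken(token, 'your-secret-key');
// Verify a refresh token
const refreshPayload = jwtAuth.verifyRefreshToken(token, 'your-secret-key');
// Check if a token is expired
const isExpired = jwtAuth.isTokenExpired(token);
// Check whether a string has a valid JWT format
const isValidFormat = jwtAuth.isValidJwtFormat(token);
// Decode a token without verifying the signature
const decoded = jwtAuth.decodeToken(token);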
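The calls above to decodeToken, isTokenExpired and isValidJwtFormat take no secret key, so only the verify functions can establish that a token is authentic. The following added example (written with Node's built-in crypto, not jwt-auths' own code; signHs256, decodeUnverified and verifyHs256 are hypothetical names) shows a token modified after signing that decodes cleanly but is rejected by HS256 verification.

```javascript
// Added illustration using only Node's built-in crypto; not jwt-auths source code.
// Function names (signHs256, decodeUnverified, verifyHs256) are hypothetical.
const crypto = require('crypto');

const b64url = (input) => Buffer.from(input).toString('base64url');
const parsePart = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Build an HS256 token: base64url(header).base64url(payload).base64url(HMAC).
function signHs256(secret, payload, expiresInSeconds, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...payload, iat: now, exp: now + expiresInSeconds }));
  const sig = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest('base64url');
  return `${header}.${body}.${sig}`;
}

// Decoding only parses the payload; it proves nothing about who produced it.
function decodeUnverified(token) {
  return parsePart(token.split('.')[1]);
}

// Verification: pin the algorithm, recompute the HMAC, compare in constant time, then check exp.
function verifyHs256(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, sig] = parts;
  if (parsePart(header).alg !== 'HS256') throw new Error('unexpected algorithm');
  const expected = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const payload = parsePart(body);
  if (typeof payload.exp !== 'number' || payload.exp <= now) throw new Error('token expired');
  return payload;
}

// Constructed sample: a valid token whose payload segment was changed after signing.
const SECRET = 'constructed-demo-secret';
const genuine = signHs256(SECRET, { userId: 123, role: 'user' }, 3600);
const [h, , s] = genuine.split('.');
const altered = `${h}.${b64url(JSON.stringify({ userId: 123, role: 'admin', exp: 9999999999 }))}.${s}`;

function outcome(token) {
  try { return verifyHs256(token, SECRET).role; } catch (e) { return e.message; }
}
console.log(decodeUnverified(altered).role, '|', outcome(altered), '|', outcome(genuine));
```

Treat decoded-only claims as untrusted input for display or routing, and base authorization decisions on the payload returned by a verify call.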
MIT License © 2025 [Brang Tsawm Aung]
Pull requests and issues are welcome! 😊
FAQs
We found that jwt-auths demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.