jwt-simple
Advanced tools
The jwt-simple npm package is a lightweight library for encoding and decoding JSON Web Tokens (JWT). It provides a simple API for creating and verifying JWTs, which are commonly used for authentication and secure data exchange.
Encoding a JWT
This feature allows you to encode a payload into a JWT using a secret key. The resulting token can be used for secure data transmission.
const jwt = require('jwt-simple');
const payload = { foo: 'bar' };
const secret = 'mysecretkey';
const token = jwt.encode(payload, secret);
console.log(token);Decoding a JWT
This feature allows you to decode a JWT using the same secret key that was used to encode it. The decoded payload can then be accessed and used as needed.
const jwt = require('jwt-simple');
const token = 'your.jwt.token';
const secret = 'mysecretkey';
const decoded = jwt.decode(token, secret);
console.log(decoded);The jsonwebtoken package is a popular library for working with JSON Web Tokens. It offers more features and flexibility compared to jwt-simple, including support for various algorithms, token expiration, and more advanced options for token verification.
The jose package is a comprehensive library for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT). It provides a wide range of features and supports multiple algorithms, making it suitable for more complex use cases.
The njwt package is another library for creating and verifying JSON Web Tokens. It offers a simple API similar to jwt-simple but includes additional features such as token expiration and claims validation.
JWT(JSON Web Token) encode and decode module for node.js.
$ npm install jwt-simple
var jwt = require('jwt-simple');
var payload = { foo: 'bar' };
var secret = 'xxx';
// HS256 secrets are typically 128-bit random strings, for example hex-encoded:
// var secret = Buffer.from('fe1a1915a379f3be5394b64d14794932', 'hex')
// encode
var token = jwt.encode(payload, secret);
// decode
var decoded = jwt.decode(token, secret);
console.log(decoded); //=> { foo: 'bar' }
/*
* jwt.decode(token, key, noVerify, algorithm)
*/
// decode, by default the signature of the token is verified
var decoded = jwt.decode(token, secret);
console.log(decoded); //=> { foo: 'bar' }
// decode without verify the signature of the token,
// be sure to KNOW WHAT ARE YOU DOING because not verify the signature
// means you can't be sure that someone hasn't modified the token payload
var decoded = jwt.decode(token, secret, true);
console.log(decoded); //=> { foo: 'bar' }
// decode with a specific algorithm (not using the algorithm described in the token payload)
var decoded = jwt.decode(token, secret, false, 'HS256');
console.log(decoded); //=> { foo: 'bar' }
By default the algorithm to encode is HS256.
The supported algorithms for encoding and decoding are HS256, HS384, HS512 and RS256.
// encode using HS512
jwt.encode(payload, secret, 'HS512')
0.5.6
Remove usage of deprecated Buffer constructor #89 @eliot-akira
FAQs
JWT(JSON Web Token) encode and decode module
The npm package jwt-simple receives a total of 213,537 weekly downloads. As such, jwt-simple popularity was classified as popular.
We found that jwt-simple demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team investigates a malicious Python package that enables automated credit card fraud on WooCommerce stores by abusing real checkout and payment flows.
Security News
Python has adopted a standardized lock file format to improve reproducibility, security, and tool interoperability across the packaging ecosystem.
Security News
OpenGrep has restored fingerprint and metavariable support in JSON and SARIF outputs, making static analysis more effective for CI/CD security automation.