🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

mini-jwt

Package Overview
Dependencies
Maintainers
1
Versions
7
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
Package was removed
Sorry, it seems this package was removed from the registry

mini-jwt

A token generator library to encode and decode data using a secret key

unpublished
latest
Source
npmnpm
Version
0.2.2
Version published
Weekly downloads
0
Maintainers
1
Weekly downloads
 
Created
Source

mini-jwt

A better, faster, lighter and more secure version of jsonwebtoken

Features

  • Encrypt data using a secret
  • Decrypt a token with secret to retrive data back

Installation

To install mini-jwt

  # with npm:
  npm install mini-jwt --save

  # with yarn:
  yarn add mini-jwt

Usage

mini-jwt exports different functions for data encryption for different use cases:

Faster Usage

For a faster (but less secure) encoding and decoding of data using a secret, mini-jwt exports the following functions:

  • sign(secret, data, options): returns encoded token(technically, not a jwt)
  • verify(secret, token): returns decoded data
import { sign, verify } from 'mini-jwt'

const secret = 'top-secret'
const token = sign(secret, { uid: 'user_id' }, {  sl: 8 }) // no expiration
const data = verify(secret, token)

console.log(data) // { uid: 'user_id' }

secret can be string

data can be an object literal, buffer or string representing valid JSON.

options:

  • expiresIn can be a numeric value representing time in ms (no expiration by default).
  • sl can be a numberic value representing salt length (default value is 16). Salt is a random string which is added on top of data to keep the token different everytime even for the same data.

More secure Usage

For a more secure (but slower) encryption and decryption of data using a secret, mini-jwt exports the following functions that uses sjcl under the hood:

  • encrypt(secret, data, options): return encrypted token(technically, not a jwt)
  • decrypt(secret, token): returns decrypted data
import { encrypt, decrypt } from 'mini-jwt'

const secret = 'top-secret'
const token = encrypt(secret, { uid: 'user_id' }, { expiresIn: 180000 }) // will expire after 30 minutes of token creation
const data = decrypt(secret, token)

console.log(data) // { uid: 'user_id' }

secret can be string

data can be an object literal, buffer or string representing valid JSON.

options:

  • expiresIn can be a numeric value representing time in ms (no expiration by default).

Used By

Author

Sahil Aggarwal

Keywords

mini-jwt
javascript
encyption
decryption
jsonwebtoken
sjcl

FAQs

Package last updated on 22 Apr 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Socket Firewall Enterprise: Flexible, Configurable Protection for Modern Package Ecosystems

Product

Introducing Socket Firewall Enterprise: Flexible, Configurable Protection for Modern Package Ecosystems

Socket Firewall Enterprise is now available with flexible deployment, configurable policies, and expanded language support.

By Bradley Meck Farias, Dale Bustad  -  Oct 24, 2025
Introducing GitHub Actions Scanning Support

Product

Introducing GitHub Actions Scanning Support

Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.

By Rakesh Chatrath, Greg Tystahl  -  Oct 23, 2025