passport-jwt
Advanced tools
Comparing version 4.0.0 to 4.0.1
@@ -10,3 +10,3 @@ # Migration Guide | ||
major version from v7 to v8 in order to fix a security issue (see | ||
[#147](https://github.com/themikenicholson/passport-jwt/issues/147)). | ||
[#147](https://github.com/mikenicholson/passport-jwt/issues/147)). | ||
@@ -13,0 +13,0 @@ Users of `passport-jwt` are exposed to the API of `jsonwebtoken` through the `jsonWebTokenOptions` |
@@ -19,3 +19,3 @@ var passport = require('passport-strategy') | ||
* REQUIRED unless `secretOrKey` is provided. | ||
* jwtFromRequest: (REQUIRED) Function that accepts a reqeust as the only parameter and returns the either JWT as a string or null | ||
* jwtFromRequest: (REQUIRED) Function that accepts a request as the only parameter and returns the either JWT as a string or null | ||
* issuer: If defined issuer will be verified against this value | ||
@@ -25,3 +25,3 @@ * audience: If defined audience will be verified against this value | ||
* ignoreExpiration: if true do not validate the expiration of the token. | ||
* passReqToCallback: If true the, the verify callback will be called with args (request, jwt_payload, done_callback). | ||
* passReqToCallback: If true the verify callback will be called with args (request, jwt_payload, done_callback). | ||
* @param verify - Verify callback with args (jwt_payload, done_callback) if passReqToCallback is false, | ||
@@ -28,0 +28,0 @@ * (request, jwt_payload, done_callback) if true. |
{ | ||
"name": "passport-jwt", | ||
"version": "4.0.0", | ||
"version": "4.0.1", | ||
"description": "Passport authentication strategy using JSON Web Tokens", | ||
@@ -8,7 +8,7 @@ "main": "./lib", | ||
"test": "./node_modules/.bin/mocha --reporter spec --require test/bootstrap test/*test.js", | ||
"testcov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter spec --require test/bootstrap test/*test.js" | ||
"testcov": "nyc npm run test" | ||
}, | ||
"repository": { | ||
"type": "git", | ||
"url": "https://github.com/themikenicholson/passport-jwt.git" | ||
"url": "https://github.com/mikenicholson/passport-jwt.git" | ||
}, | ||
@@ -26,16 +26,16 @@ "keywords": [ | ||
"bugs": { | ||
"url": "https://github.com/themikenicholson/passport-jwt/issues" | ||
"url": "https://github.com/mikenicholson/passport-jwt/issues" | ||
}, | ||
"homepage": "https://github.com/themikenicholson/passport-jwt", | ||
"homepage": "https://github.com/mikenicholson/passport-jwt", | ||
"devDependencies": { | ||
"chai": "^3.0.0", | ||
"chai-passport-strategy": "^1.0.0", | ||
"istanbul": "^0.4.5", | ||
"mocha": "^3.0.0", | ||
"mocha": "^9.2.1", | ||
"nyc": "^15.1.0", | ||
"sinon": "^1.0.0" | ||
}, | ||
"dependencies": { | ||
"jsonwebtoken": "^8.2.0", | ||
"jsonwebtoken": "^9.0.0", | ||
"passport-strategy": "^1.0.0" | ||
} | ||
} |
# passport-jwt | ||
[![Build Status](https://travis-ci.org/themikenicholson/passport-jwt.svg?branch=master)](https://travis-ci.org/themikenicholson/passport-jwt) | ||
[![Code Climate](https://codeclimate.com/github/themikenicholson/passport-jwt/badges/gpa.svg)](https://codeclimate.com/github/themikenicholson/passport-jwt) | ||
[![Build Status](https://travis-ci.org/mikenicholson/passport-jwt.svg?branch=master)](https://travis-ci.org/mikenicholson/passport-jwt) | ||
[![Code Climate](https://codeclimate.com/github/mikenicholson/passport-jwt/badges/gpa.svg)](https://codeclimate.com/github/mikenicholson/passport-jwt) | ||
@@ -14,3 +14,3 @@ A [Passport](http://passportjs.org/) strategy for authenticating with a | ||
If you want to quickly add secure token-based authentication to Node.js apps, feel free to check out Auth0's Node.js SDK and free plan at [auth0.com/overview](https://auth0.com/overview?utm_source=GHsponsor&utm_medium=GHsponsor&utm_campaign=passport-jwt&utm_content=auth) <img alt='Auth0 Logo' src='https://s3.amazonaws.com/passport-jwt-img/Auth0+logo.svg'/> | ||
If you want to quickly add secure token-based authentication to Node.js apps, feel free to check out Auth0's Node.js SDK and free plan at [auth0.com/developers](https://auth0.com/developers?utm_source=GHsponsor&utm_medium=GHsponsor&utm_campaign=passport-jwt&utm_content=auth) <img alt='Auth0 Logo' src='https://s3.amazonaws.com/passport-jwt-img/Auth0+logo.svg'/> | ||
@@ -117,7 +117,6 @@ ## Install | ||
``` | ||
```js | ||
var cookieExtractor = function(req) { | ||
var token = null; | ||
if (req && req.cookies) | ||
{ | ||
if (req && req.cookies) { | ||
token = req.cookies['jwt']; | ||
@@ -127,2 +126,4 @@ } | ||
}; | ||
// ... | ||
opts.jwtFromRequest = cookieExtractor; | ||
``` | ||
@@ -144,21 +145,13 @@ | ||
The strategy will first check the request for the standard *Authorization* | ||
header. If this header is present and the scheme matches `options.authScheme` | ||
or 'JWT' if no auth scheme was specified then the token will be retrieved from | ||
it. e.g. | ||
The method of including a JWT in a request depends entirely on the extractor | ||
function you choose. For example, if you use the `fromAuthHeaderAsBearerToken` | ||
extractor, you would include an `Authorization` header in your request with the | ||
scheme set to `bearer`. e.g. | ||
Authorization: JWT JSON_WEB_TOKEN_STRING..... | ||
Authorization: bearer JSON_WEB_TOKEN_STRING..... | ||
If the authorization header with the expected scheme is not found, the request | ||
body will be checked for a field matching either `options.tokenBodyField` or | ||
`auth_token` if the option was not specified. | ||
Finally, the URL query parameters will be checked for a field matching either | ||
`options.tokenQueryParameterName` or `auth_token` if the option was not | ||
specified. | ||
## Migrating | ||
The the [Migration Guide](docs/migrating.md) for help upgrading to the latest | ||
major version of passport-jwt | ||
Read the [Migration Guide](docs/migrating.md) for help upgrading to the latest | ||
major version of passport-jwt. | ||
@@ -165,0 +158,0 @@ ## Tests |
@@ -30,3 +30,3 @@ var Strategy = require('../lib/strategy'); | ||
secretOrKeyProvider: function(req, token, done) {}, | ||
jwtFromReqeust: function(r) {} | ||
jwtFromRequest: function(r) {} | ||
}); | ||
@@ -33,0 +33,0 @@ }).to.throw(TypeError); |
Sorry, the diff of this file is not supported yet
52023
21
170
+ Addedjsonwebtoken@9.0.2(transitive)
+ Addedlru-cache@6.0.0(transitive)
+ Addedsemver@7.6.0(transitive)
+ Addedyallist@4.0.0(transitive)
- Removedjsonwebtoken@8.5.1(transitive)
- Removedsemver@5.7.2(transitive)
Updatedjsonwebtoken@^9.0.0