passport-jwt
Advanced tools
Comparing version 4.0.0 to 4.0.1
@@ -10,3 +10,3 @@ # Migration Guide | ||
| major version from v7 to v8 in order to fix a security issue (see | ||
| [#147](https://github.com/themikenicholson/passport-jwt/issues/147)). | ||
| [#147](https://github.com/mikenicholson/passport-jwt/issues/147)). | ||
@@ -13,0 +13,0 @@ Users of `passport-jwt` are exposed to the API of `jsonwebtoken` through the `jsonWebTokenOptions` |
@@ -19,3 +19,3 @@ var passport = require('passport-strategy') | ||
| * REQUIRED unless `secretOrKey` is provided. | ||
| * jwtFromRequest: (REQUIRED) Function that accepts a reqeust as the only parameter and returns the either JWT as a string or null | ||
| * jwtFromRequest: (REQUIRED) Function that accepts a request as the only parameter and returns the either JWT as a string or null | ||
| * issuer: If defined issuer will be verified against this value | ||
@@ -25,3 +25,3 @@ * audience: If defined audience will be verified against this value | ||
| * ignoreExpiration: if true do not validate the expiration of the token. | ||
| * passReqToCallback: If true the, the verify callback will be called with args (request, jwt_payload, done_callback). | ||
| * passReqToCallback: If true the verify callback will be called with args (request, jwt_payload, done_callback). | ||
| * @param verify - Verify callback with args (jwt_payload, done_callback) if passReqToCallback is false, | ||
@@ -28,0 +28,0 @@ * (request, jwt_payload, done_callback) if true. |
| { | ||
| "name": "passport-jwt", | ||
| "version": "4.0.0", | ||
| "version": "4.0.1", | ||
| "description": "Passport authentication strategy using JSON Web Tokens", | ||
@@ -8,7 +8,7 @@ "main": "./lib", | ||
| "test": "./node_modules/.bin/mocha --reporter spec --require test/bootstrap test/*test.js", | ||
| "testcov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter spec --require test/bootstrap test/*test.js" | ||
| "testcov": "nyc npm run test" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "https://github.com/themikenicholson/passport-jwt.git" | ||
| "url": "https://github.com/mikenicholson/passport-jwt.git" | ||
| }, | ||
@@ -26,16 +26,16 @@ "keywords": [ | ||
| "bugs": { | ||
| "url": "https://github.com/themikenicholson/passport-jwt/issues" | ||
| "url": "https://github.com/mikenicholson/passport-jwt/issues" | ||
| }, | ||
| "homepage": "https://github.com/themikenicholson/passport-jwt", | ||
| "homepage": "https://github.com/mikenicholson/passport-jwt", | ||
| "devDependencies": { | ||
| "chai": "^3.0.0", | ||
| "chai-passport-strategy": "^1.0.0", | ||
| "istanbul": "^0.4.5", | ||
| "mocha": "^3.0.0", | ||
| "mocha": "^9.2.1", | ||
| "nyc": "^15.1.0", | ||
| "sinon": "^1.0.0" | ||
| }, | ||
| "dependencies": { | ||
| "jsonwebtoken": "^8.2.0", | ||
| "jsonwebtoken": "^9.0.0", | ||
| "passport-strategy": "^1.0.0" | ||
| } | ||
| } |
| # passport-jwt | ||
| [](https://travis-ci.org/themikenicholson/passport-jwt) | ||
| [](https://codeclimate.com/github/themikenicholson/passport-jwt) | ||
| [](https://travis-ci.org/mikenicholson/passport-jwt) | ||
| [](https://codeclimate.com/github/mikenicholson/passport-jwt) | ||
@@ -14,3 +14,3 @@ A [Passport](http://passportjs.org/) strategy for authenticating with a | ||
| If you want to quickly add secure token-based authentication to Node.js apps, feel free to check out Auth0's Node.js SDK and free plan at [auth0.com/overview](https://auth0.com/overview?utm_source=GHsponsor&utm_medium=GHsponsor&utm_campaign=passport-jwt&utm_content=auth) <img alt='Auth0 Logo' src='https://s3.amazonaws.com/passport-jwt-img/Auth0+logo.svg'/> | ||
| If you want to quickly add secure token-based authentication to Node.js apps, feel free to check out Auth0's Node.js SDK and free plan at [auth0.com/developers](https://auth0.com/developers?utm_source=GHsponsor&utm_medium=GHsponsor&utm_campaign=passport-jwt&utm_content=auth) <img alt='Auth0 Logo' src='https://s3.amazonaws.com/passport-jwt-img/Auth0+logo.svg'/> | ||
@@ -117,7 +117,6 @@ ## Install | ||
| ``` | ||
| ```js | ||
| var cookieExtractor = function(req) { | ||
| var token = null; | ||
| if (req && req.cookies) | ||
| { | ||
| if (req && req.cookies) { | ||
| token = req.cookies['jwt']; | ||
@@ -127,2 +126,4 @@ } | ||
| }; | ||
| // ... | ||
| opts.jwtFromRequest = cookieExtractor; | ||
| ``` | ||
@@ -144,21 +145,13 @@ | ||
| The strategy will first check the request for the standard *Authorization* | ||
| header. If this header is present and the scheme matches `options.authScheme` | ||
| or 'JWT' if no auth scheme was specified then the token will be retrieved from | ||
| it. e.g. | ||
| The method of including a JWT in a request depends entirely on the extractor | ||
| function you choose. For example, if you use the `fromAuthHeaderAsBearerToken` | ||
| extractor, you would include an `Authorization` header in your request with the | ||
| scheme set to `bearer`. e.g. | ||
| Authorization: JWT JSON_WEB_TOKEN_STRING..... | ||
| Authorization: bearer JSON_WEB_TOKEN_STRING..... | ||
| If the authorization header with the expected scheme is not found, the request | ||
| body will be checked for a field matching either `options.tokenBodyField` or | ||
| `auth_token` if the option was not specified. | ||
| Finally, the URL query parameters will be checked for a field matching either | ||
| `options.tokenQueryParameterName` or `auth_token` if the option was not | ||
| specified. | ||
| ## Migrating | ||
| The the [Migration Guide](docs/migrating.md) for help upgrading to the latest | ||
| major version of passport-jwt | ||
| Read the [Migration Guide](docs/migrating.md) for help upgrading to the latest | ||
| major version of passport-jwt. | ||
@@ -165,0 +158,0 @@ ## Tests |
@@ -30,3 +30,3 @@ var Strategy = require('../lib/strategy'); | ||
| secretOrKeyProvider: function(req, token, done) {}, | ||
| jwtFromReqeust: function(r) {} | ||
| jwtFromRequest: function(r) {} | ||
| }); | ||
@@ -33,0 +33,0 @@ }).to.throw(TypeError); |
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.08%
52023
- Number of package files
- increased by5%
21
Worsened metrics
- Number of lines in readme file
- decreased by-3.95%
170
Dependency changes
+ Addedjsonwebtoken@9.0.2(transitive)
+ Addedlru-cache@6.0.0(transitive)
+ Addedsemver@7.6.0(transitive)
+ Addedyallist@4.0.0(transitive)
- Removedjsonwebtoken@8.5.1(transitive)
- Removedsemver@5.7.2(transitive)
Updatedjsonwebtoken@^9.0.0