Current location - Quotes Website - Personality signature - Introduction to jsonwebtoken and the use of symmetric encryption to issue verification tokens
Introduction to jsonwebtoken and the use of symmetric encryption to issue verification tokens

The token generated using JWT consists of three parts: header payload signature, for example:

URL: /package/jsonwebtoken

Implementation of JSON Web token .

This is draft-ietf-oauth-json-web-token-08 for development. It leverages node-jws

to issue tokens

(asynchronously) If a callback is provided, the callback is called using err or JWT.

(Synchronous) Returns the JsonWebToken as a string

The payload can be an object literal, a buffer, or a string representing valid JSON.

secretOrPrivateKey is a string, buffer, or object containing the secret for the HMAC algorithm or the PEM-encoded private key for RSA and ECDSA. If using a private key with a passphrase, you can use a { key, passphrase } object (based on the encryption documentation), in which case make sure you pass the algorithm option.

options:

Synchronization symbol with default value (HMAC SHA256)

Use synchronous signature with RSA SHA256

Asynchronous signature< /p>

Backtrack jwt 30 seconds

Verify token

(Asynchronous) If a callback is provided, the function will operate asynchronously. If the signature is valid and the optional validity period, audience, or issuer are valid, the callback is called with the decoded payload. If not, it will be called incorrectly.

(Synchronous) If no callback is provided, the function will execute synchronously. If the signature is valid and the optional validity period, audience, or issuer are valid, the decoded payload is returned. If not, it will throw an error.

token is a JsonWebToken string

secretOrPublicKey is a string or buffer containing the secret for the HMAC algorithm, or the PEM-encoded public key containing RSA and ECDSA. If jwt.verify is called async, secretOrPublicKey can be a function that should get the secret or public key. See detailed example below

As mentioned in this comment, there are other libraries that expect base64-encoded secrets (random bytes encoded with base64), if you can, you can pass Buffer.from( secret, 'base64') Doing this, the secret will be decoded using base64 and the token verification will use the original library. Random bytes.

options

Array of supported algorithms. The following algorithms are currently supported.

Example: issuing token and verifying token