Simple module to create JWT tokens with Deployd
In your dpd directory type,
npm install dpd-jwt
Add a Jwt Web Token resource in the dashboard, and set the configs.
To get a JWT token you will need to use a POST, either internally, or externally using either REST or dpd
To get a Token on the client, use and then set a header x-token:
dpd.jwtwebtoken.get(function(error, result)) {
// work with token that is returned
}
If you wish to use HTTP you can send a GET request to /jwtwebtoken and make sure that any user auth info is set in the headers/cookies, if you are using the User Collection that would be the sid cookie.
In the ON GET tab/event you need to validate the user and set the values object:
var val = {};
if (me) {
// Logged in user
val = {
sid: 0293420kdfjsd09fs0d9fsd, // from the cookie that is set by the user collection when a user logs in
somevalue: “anything here”,
uid: me.id
}
} else {
// Anonymous user
val = {object that describes an anonymous user};
// OR
cancel(“Anonymous access denied”, 401);
}
// Set the values
setValues(val);
To get the validated and decoded result use (either on the client, or even in an event on the server):
dpd.jwtwebtoken.validate(function(error, result) {
// work with error or result
}
To validate over HTTP make sure that the x-token header is set and make a GET request to /validate. Will return null/error or the decoded token object.
dpd-jwt uses headers to pass the JWT token around, you will need to set the header of x-token once you recieve a token using the post command.
In the ON POST event for the JwtWebToken Resource you are free to use setValues(values) to set the values/tokens you want to use in the JWTWebToken, values being an Object. You can use what ever validation you wish.
- Add more options to config to allow for RSA key files, etc
- Be able to send the Token with validate function with out using headers