Version: 3.0.0

JWT

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact, self-contained method for securely transferring information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.

Midway provides jwt components and simply provides some jwt-related API, which can be used for independent authentication and verification.

Related information:

Description
Can be used for standard projects	✅
Can be used for Serverless	✅
Can be used for integration	✅
Contains independent main framework	❌
Contains independent logs	❌

Installation dependency

$ npm i @midwayjs/jwt@3 --save

Or reinstall the following dependencies in package.json.

{
  "dependencies": {
    "@midwayjs/jwt": "^3.0.0"
    // ...
  },
}

Use components

Configure jwt components into the code.

import { Configuration, IMidwayContainer } from '@midwayjs/core';
import { IMidwayContainer } from '@midwayjs/core';
import * as jwt from '@midwayjs/jwt';

@Configuration({
  imports: [
    // ...
    jwt,
  ],
})
export class MainConfiguration {
  // ...
}

Basic configuration

Then set in the configuration, the default is not encrypted.

// src/config/config.default.ts
export default {
  // ...
  jwt: {
    secret: 'xxxxxxxxxxxxxx', // fs.readFileSync('xxxxx.key')
    sign: {
      // signOptions
      expiresIn: '2d', // https://github.com/vercel/ms
    },
    verify: {
      // verifyOptions
    },
    decode: {
      // decodeOptions
    }
  },
};

for more configurations, see the ts definition.

Common API

Midway provides jwt common API as synchronous and asynchronous.

import { Provide, Inject } from '@midwayjs/core';
import { JwtService } from '@midwayjs/jwt';

@Provide()
export class UserService {
  @Inject()
  jwtService: JwtService;

  async invoke() {
    // Synchronization API
    this.jwtService.signSync(payload, secretOrPrivateKey, options);
    this.jwtService.verifySync(token, secretOrPublicKey, options);
    this.jwtService.decodeSync(token, options);

    // Asynchronous API
    await this.jwtService.sign(payload, secretOrPrivateKey, options);
    await this.jwtService.verify(token, secretOrPublicKey, options);
    await this.jwtService.decode(token, options);
  }
}

These APIs are all from the basic node-jsonwebtoken library. If you don't know, please read the original document.

Middleware example

In general, jwt will also cooperate with middleware to complete authentication. The following is an example of custom jwt authentication middleware.

// src/middleware/jwt.middleware

import { Inject, Middleware, httpError } from '@midwayjs/core';
import { Context, NextFunction } from '@midwayjs/koa';
import { JwtService } from '@midwayjs/jwt';

@Middleware()
export class JwtMiddleware {
  @Inject()
  jwtService: JwtService;

  public static getName(): string {
    return 'jwt';
  }

  resolve() {
    return async (ctx: Context, next: NextFunction) => {
      // Judge whether there is verification information
      if (! ctx.headers['authorization']) {
        throw new httpError.UnauthorizedError();
      }
      // Get verification information from header
      const parts = ctx.get('authorization').trim().split(' ');

      if (parts.length !== 2) {
        throw new httpError.UnauthorizedError();
      }

      const [scheme, token] = parts;

      if (/^Bearer$/i.test(scheme)) {
        try {
          // jwt.verify that token is valid.
          await this.jwtService.verify(token, {
            complete: true
          });
        } catch (error) {
          // The token expires and generates a new token.
          const newToken = getToken(user);
          // Put the new token into the Authorization and return it to the front end.
          ctx.set('Authorization', newToken);
        }
        await next();
      }
    };
  }

  // Configure route addresses that ignore authentication
  public match(ctx: Context): boolean {
    const ignore = ctx.path.indexOf('/api/admin/login') !== -1;
    return !ignore;
  }
}

Then enable middleware at the portal.

// src/configuration.ts

import { Configuration, App, IMidwayContainer, IMidwayApplication} from '@midwayjs/core';
import * as jwt from '@midwayjs/jwt';

@Configuration({
  imports: [
    // ...
    jwt
  ],
})
export class MainConfiguration {

  @App()
  app: IMidwayApplication;

  async onReady(applicationContext: IMidwayContainer): Promise<void> {
    // Add middleware
    this.app.useMiddleware ([
      // ...
      JwtMiddleware
    ]);
  }
}

Original JWT object

Objects and methods on the original instance can be referenced through the exported Jwt object.

import { Jwt } from '@midwayjs/jwt';

// Jwt.TokenExpiredError

JWT

Installation dependency​

Use components​

Basic configuration​

Common API​

Middleware example​

Original JWT object​