How to use express-jwt - 10 common examples
To help you get started, we’ve selected a few express-jwt examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
kriasoft / app-starter-kit / web / src / server.js View on Github 
global.navigator = global.navigator || {};
global.navigator.userAgent = global.navigator.userAgent || 'all';
//
// Register Node.js middleware
// -----------------------------------------------------------------------------
app.use(express.static(path.resolve(__dirname, 'public')));
app.use(cookieParser());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
//
// Authentication
// -----------------------------------------------------------------------------
app.use(
expressJwt({
secret: config.auth.jwt.secret,
credentialsRequired: false,
getToken: req => req.cookies.id_token,
}),
);
// Error handler for express-jwt
app.use((err, req, res, next) => {
// eslint-disable-line no-unused-vars
if (err instanceof Jwt401Error) {
console.error('[express-jwt-error]', req.cookies.id_token);
// `clearCookie`, otherwise user can't use web-app until cookie expires
res.clearCookie('id_token');
}
next(err);
});import express from 'express';
import expressJwt from 'express-jwt';
import ctrl from '../controllers/listened.controller';
import config from '../../config/config';
const router = express.Router(); // eslint-disable-line new-cap
router.use(expressJwt({ secret: config.jwtSecret }));
router.route('/')
.get(expressJwt({ secret: config.jwtSecret }), ctrl.listByUser);
export default router;);
router.route('/:relatedLinkId/upvote')
.post(
expressJwt({ secret: config.jwtSecret })
// TODO: refactor to have these into one call like upvote: [method1, method2,...]
// upvoteHandlers
, transferField({ source: 'relatedLink', target: 'entity' })
, voteCtrl.findVote
, voteCtrl.upvote // rename to upvoteHelper
, voteCtrl.finish // IF we add a model.unlike we don't really need this..
);
router.route('/:relatedLinkId/downvote')
.post(
expressJwt({ secret: config.jwtSecret })
, transferField({ source: 'relatedLink', target: 'entity' })
, voteCtrl.findVote
, voteCtrl.downvote
, voteCtrl.finish
);
router.param('relatedLinkId', relatedLinkCtrl.load);
export default router;/*
* Register express middleware
*/
app.use(cookieParser());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(responses)
if(process.env.NODE_ENV != 'test') {
app.use(logger('dev'))
}
/*
* Add authentication
*/
// this is decoding the token from the cookie
app.use(expressJwt({
secret: config.auth.jwt.secret,
credentialsRequired: false,
getToken: req => req.cookies.id_token,
}));
app.use(passport.initialize());
if (process.env.NODE_ENV !== 'production') {
app.enable('trust proxy');
}
app.get('/login/github',
passport.authenticate('github', { scope: [ 'user:email' ] }));.get(
expressJwt({ secret: config.jwtSecret })
, loadFullUser
, ensureIsAdmin
, companyController.list
)
.post(
expressJwt({ secret: config.jwtSecret })
, loadFullUser
, ensureIsAdmin // TODO: refactor to "loadAdmin"
, companyController.create
);
router.route('/findByLocalUrl/:localUrl')
.get(
expressJwt({ secret: config.jwtSecret, credentialsRequired: false })
, companyController.findByLocalUrl
);
router.route('/:companyId')
/** GET /api/company/:companyId - Get company */
.get(
expressJwt({ secret: config.jwtSecret })
, companyController.get
)
.delete(
expressJwt({ secret: config.jwtSecret})
, loadFullUser
, ensureIsAdmin
, companyController.delete
);
export default router;expressJwt({ secret: config.jwtSecret }),
transferField({ source: 'post', target: 'entity' }),
voteCtrl.findVote,
voteCtrl.downvote,
postCtrl.downvote,
voteCtrl.finish
);
router
.route('/:postId/bookmark')
.post(expressJwt({ secret: config.jwtSecret }), bookmarkCtrl.bookmark);
// todo: deprecate once all clients use bookmark
router
.route('/:postId/favorite')
.post(expressJwt({ secret: config.jwtSecret }), bookmarkCtrl.bookmark);
router
.route('/:postId/unbookmark')
.post(expressJwt({ secret: config.jwtSecret }), bookmarkCtrl.unbookmark);
// todo: deprecate once all clients use unbookmark
router
.route('/:postId/unfavorite')
.post(expressJwt({ secret: config.jwtSecret }), bookmarkCtrl.unbookmark);
router
.route('/:postId/listened')
.post(expressJwt({ secret: config.jwtSecret }), listenedCtrl.create);
router.param('postId', postCtrl.load);.get(
expressJwt({ secret: config.jwtSecret, credentialsRequired: false }),
forumCtrl.detail
)
.put(
expressJwt({ secret: config.jwtSecret, credentialsRequired: true }),
forumCtrl.update
)
.delete(
expressJwt({ secret: config.jwtSecret, credentialsRequired: true }),
forumCtrl.remove
);
router.route('/:forumThreadId/upvote')
.post(
expressJwt({ secret: config.jwtSecret })
// TODO: refactor to have these into one call like upvote: [method1, method2,...]
// upvoteHandlers
, transferField({ source: 'forumThread', target: 'entity' })
, voteCtrl.findVote
, voteCtrl.upvote // rename to upvoteHelper
, voteCtrl.finish // IF we add a model.unlike we don't really need this..
);
router.param('forumThreadId', forumCtrl.load);
export default router;throw new Error('jwt_token is needed!')
}
let decoded = jwt.decode(token, { complete: true });
let payload = decoded.payload;
let issuer = payload.iss;
if (!issuer) {
throw new Error('issuer is needed!')
}
let collection = getSteedosSchema().getObject('OAuth2Clients')
let clients = await collection.find({ filters: `clientId eq '${issuer}'` })
let clientInfo = clients[0]
let secret = clientInfo ? clientInfo.clientSecret : ''
if (!secret) {
throw new Error('secret is needed!')
}
let verifiedPayload = jwt.verify(token, secret);
let data = await getTokenInfo({ user: verifiedPayload })
res.cookie('X-User-Id', data.userId, { maxAge: 90 * 60 * 60 * 24 * 1000, httpOnly: true });
res.cookie('X-Auth-Token', data.authToken, { maxAge: 90 * 60 * 60 * 24 * 1000, httpOnly: true });
let redirectUrl = verifiedPayload.redirect_url;
res.redirect(301, redirectUrl);
} catch (error) {
console.error(error);
res.status(500).send(error.messenger)
}
})import { Router } from "express";
import jwt from "express-jwt";
import AuthenticationRouter from "./authenticationRouter";
import DomainRouter from "./domainRouter";
import AccountRouter from "./accountRouter";
import AliasRouter from "./aliasRouter";
import TlsPolicyRouter from "./tlspolicyRouter";
import { secret } from "../config";
const api = new Router();
api.use("/auth", AuthenticationRouter);
api.use("/domains", jwt({ secret }), DomainRouter);
api.use("/accounts", jwt({ secret }), AccountRouter);
api.use("/aliases", jwt({ secret }), AliasRouter);
api.use("/tlspolicies", jwt({ secret }), TlsPolicyRouter);
export default api;.get(
expressJwt({ secret: config.jwtSecret, credentialsRequired: false })
, jobController.get
)
.put(
expressJwt({ secret: config.jwtSecret, credentialsRequired: true })
, jobController.update
)
.delete(
expressJwt({ secret: config.jwtSecret, credentialsRequired: true })
, jobController.delete
);
router.route('/:jobId/apply')
.post(
expressJwt({ secret: config.jwtSecret, credentialsRequired: true })
, loadFullUser
, upload.single('resume')
, jobController.apply
);
export default router;
