Cloudflare Worker JWT

A lightweight JWT implementation with ZERO dependencies for Cloudflare Workers.

Contents

Install

npm i -D @ tsndr / cloudflare - worker - jwt

Examples

Basic Example

async () => { const jwt = require ( '@tsndr/cloudflare-worker-jwt' ) const token = await jwt.sign({ name : 'John Doe' , email : 'john.doe@gmail.com' }, 'secret' ) const isValid = await jwt.verify(token, 'secret' ) if (!isValid) return const payload = jwt.decode(token) }

Restrict Timeframe

async () => { const jwt = require ( '@tsndr/cloudflare-worker-jwt' ) const token = await jwt.sign({ name : 'John Doe' , email : 'john.doe@gmail.com' , nbf : Math .floor( Date .now() / 1000 ) + ( 60 * 60 ), exp : Math .floor( Date .now() / 1000 ) + ( 2 * ( 60 * 60 )) }, 'secret' ) const isValid = await jwt.verify(token, 'secret' ) if (!isValid) return const payload = jwt.decode(token) }

Usage

Signs a payload and returns the token.

Arguments

Argument Type Satus Default Description payload object required - The payload object. To use nbf (Not Before) and/or exp (Expiration Time) add nbf and/or exp to the payload. secret string required - A string which is used to sign the payload. options object , string optional { algorithm: 'HS256' } The options object supporting algorithm and keyid or just the algorithm string. (See Available Algorithms)

return

Returns token as a string .

Verifies the integrity of the token and returns a boolean value.

Argument Type Satus Default Description token string required - The token string generated by jwt.sign() . secret string required - The string which was used to sign the payload. algorithm object , string optional { algorithm: 'HS256' } The options object supporting algorithm or just the algorithm string. (See Available Algorithms)

return

Returns true if signature, nbf (if set) and exp (if set) are valid, otherwise returns false .

Returns the payload without verifying the integrity of the token. Please use jwt.verify() first to keep your application secure!

Argument Type Satus Default Description token string required - The token string generated by jwt.sign() .

return

Returns payload object .

Available Algorithms