@tool-developer/egg-jwt
JWT for egg plugin that supports server - and client-side custom authorization failure (return JSON data, or jump to the specified page).
Install
$ npm i @tool-developer/egg-jwt --save
Usage
// {app_root}/config/plugin.js
exports.jwt = {
enable: true,
package: '@tool-developer/egg-jwt',
};
generate token, by payload include user id info, like this:
const payload = {
uid
}
const token = this.app.jwt.sign(payload);
validate token, get user id info
const valid = this.app.jwt.verify(token);
const {uid} = valid;
Configuration
// {app_root}/config/config.default.js
exports.jwt = {
secret:'',
// enable middleware,default false
enableMiddleware:false,
//
cookieTokenSet:'auth-token',
//{[headerAuthorization]:'[headerAuthorizationScheme] [token]'}
headerAuthorization:'authorization',
headerAuthorizationScheme:'Bearer',
//{[headerPassthroughSet]:false}
headerPassthroughSet:'x-custom-passthrough',
//
// sign page route path
signPageRoutePath:'',
//
authOptions:{
// passthrough
},
//
// ctx.state.secret
contextStateSecret:'secret',
// ctx.state.user
contextStateUser:'user',
// jwt.sign options
signOptions:{
expiresIn:'2d'
},
// jwt.verify options
verifyOptions:{},
// ignore route path
ignore:[]
};
see config/config.default.js for more detail.
authOptions.passthrough
server authorization options
true:
return json data, like{code:401,info}
false:
when set signPageRoutePath, to redirect signPageRoutePath.
no set signPageRoutePath, to throw.
/a/b/c:
to redirect the url.
client authorization options, by headerPassthroughSet
, same as the authOptions.
signOptions
signOptions, to see jsonwebtoken jwt.sign
signOptions.expiresIn token expired time, default 2h, to see zeit/ms
verifyOptions
verifyOptions, to see jsonwebtoken jwt.verify
ignore/match
to see egg math and ignore
Example
Questions & Suggestions
Please open an issue here.