JWT protector is a middleware to bring auth to your Express application!

yarn add jwt-express-protector

npm i jwt-express-protector

In the beginning, you must create an instance of the Protector.

const jwtProtector = createJWTProtector({
  secret: 'Secret key, used to create JWT',
});

Now jwtProtector is an Express middleware. You can use it like in example

app.get('/secret', jwtProtector, (req, res) => {
  res.send('Hello, World!');
});

Now when the unknown one user tries to fetch our endpoint, the one will receive a 401 HTTP error. But when the one gives JWT to us your handler will be invoked, and he receives 'Hello, World'.

createJWTProtector takes as an argument options object. You must pass secret property, and you can pass verifyUser function. verifyUser should take one argument named payload, and returns data about the user. Later you have an access to req.user which is JWT payload (if verifyUser wasn't passed) or user data.

if verifyUser is asynchornous, should returns Promise<T> then req.user will equal T