JWT Permissions
A permissions layer built on top of jsonwebtokens
Table Of Contents
Quick Start
Verify a jsonwebtoken has required roles
const secret = 'the secret';const requiredRoles = /^write.*$/; // has to match each regex// create a token with some roles in the payloadconst accessToken = jsonwebtoken; ;
Verify (with customizable payload key)
const secret = 'the secret';const requiredRoles = /^write.*$/; // has to match each regex// create a token with some roles in the payloadconst accessToken = jsonwebtoken; ;
Test
npm testnpm run test:watch
API
verifyPermission
Verify a token is valid and has all required permissions
Arguments
options - object - input options with the following keys
- requiredRoles - array of regex - each regex must pass on at least one role in the token
- accessToken - jsonwebtoken - a jsonwebtoken that can be verified
- secret - string - a secret used to verify the jsonwebtoken
- rolesKey - string - (optional) the key to pull the roles from the payload in the jsonwebtoken