loopback-jwt
loopback-jwt is a node express middleware plugin to map Json Web tokens and Loopback users.
// load loopback-jwt module
var auth = require('loopback-jwt')(app,{
secretKey: '<secret>',
model: '<model>'
});
// apply to a path
app.use('/<path>',auth.authenticated,function(req,res,next) {
debug("has valid token",req.user);
next();
});
// catch error
app.use(function (err, req, res, next) {
if (err.name === 'UnauthorizedError') {
res.status(401).send('invalid token, or no token supplied');
} else {
res.status(401).send(err);
}
});
Getting Started
loopback-jwt is a simple middleware to map jwt with loopback. It is assumed that a jwt has been passed in the request
Install Connect
$ npm install loopback-jwt --save
loading loopback-jwt
var auth = require('loopback-jwt')(app,{options});
options
allows any options that are permitted to be passed to the loopback-jwt middleware
options:
-
secretKey
the key need to verify the jwt (required) -
model
the loopback model used for User maintenance (defaults to 'User') -
identifier
the jwt claim to identify the user (defaults to 'email') -
password
the default password to use when creating loopback users (defaults to uuid.v4())
Using loopback-jwt
the authenticated
method of loopback-jwt is added to any path that you wish to protect. If the client has not supplied a valid, signed jwt then an error will be raised
// apply to a path
app.use('/<path>',auth.authenticated,function(req,res,next) {
debug("has valid token",req.user);
next();
});
// catch error
app.use(function (err, req, res, next) {
if (err.name === 'UnauthorizedError') {
res.status(401).send('invalid token, or no token supplied');
} else {
res.status(401).send(err);
}
});
Alter user data before creating a new user
Register a beforeCreate
callback in options and modify/enrich the passed in user object with profile data contained in the jwt token:
var auth = require('loopback-jwt')(app,{
secretKey: '<secret>',
model: '<model>',
beforeCreate: function(newUser, data) {
newUser.name = data.name;
}
});
Contributors
https://github.com/whoGloo/loopback-jwt/graphs/contributors