Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: adds JWT example #1000

Merged
merged 2 commits into from
Dec 6, 2024
Merged

feat: adds JWT example #1000

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
30cd442
feat: adds JWT example
shajanjp Oct 13, 2024
c1d9e21
remove unnecessary iife
kt3k Dec 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 58 additions & 0 deletions examples/creating-and-verifying-jwt.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
/**
* @title Creating and verifying JWT
* @difficulty intermediate
* @tags cli, deploy
* @run <url>
* @resource {https://deno.land/x/jose} Doc: jose library for Deno
* @group Authentication
*
* This example demonstrates how to create and verify a JSON Web Token (JWT)
* using the `jose` library in Deno. JWTs are often used for secure
* communication between a client and server, enabling stateless
* authentication. This script includes functions to generate and verify
* tokens using the HS256 algorithm.
*/

// Import necessary functions and types from the `jose` library.
import {
JWTPayload,
jwtVerify,
SignJWT,
} from "https://deno.land/x/[email protected]/index.ts";

// Define a secret key used for signing and verifying JWTs. Ensure that this secret is kept secure in a real-world application.
const secret = new TextEncoder().encode("secret-that-no-one-knows");

// Creates a JSON Web Token (JWT) with a specified payload and signed using the HS256 algorithm and has a 1-hour expiration time.
async function createJWT(payload: JWTPayload): Promise<string> {
const jwt = await new SignJWT(payload)
.setProtectedHeader({ alg: "HS256" })
.setIssuedAt()
.setExpirationTime("1h")
.sign(secret);

return jwt;
}

// Verifies a given JSON Web Token (JWT) using the secret key. If valid, returns the payload data contained in the JWT else logs the error and returns null.
async function verifyJWT(token: string): Promise<JWTPayload | null> {
try {
// Verify the JWT using the secret key and extract the payload.
const { payload } = await jwtVerify(token, secret);
console.log("JWT is valid:", payload);
return payload;
} catch (error) {
console.error("Invalid JWT:", error);
return null;
}
}

(async () => {
// Creating a JWT with user-specific information.
const token = await createJWT({ userId: 123, username: "john_doe" });
console.log("Created JWT:", token);

// Verifying the generated JWT to ensure it has not been tampered with.
const verifiedPayload = await verifyJWT(token);
console.log("Verified Payload:", verifiedPayload);
})();
Loading