Skip to content

Commit

Permalink
Merge branch 'dsbert-master'
Browse files Browse the repository at this point in the history
  • Loading branch information
jfromaniello committed Apr 17, 2017
2 parents 9a48b83 + 13ae992 commit c2aa463
Show file tree
Hide file tree
Showing 3 changed files with 42 additions and 1 deletion.
8 changes: 8 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,14 @@ By default, the decoded token is attached to `req.user` but can be configured wi
jwt({ secret: publicKey, requestProperty: 'auth' });
```

The token can also be attached to the `result` object with the `resultProperty` option. This option will override any `requestProperty`.

```javascript
jwt({ secret: publicKey, resultProperty: 'locals.user' });
```

Both `resultProperty` and `requestProperty` utilize [lodash.set](https://lodash.com/docs/4.17.2#set) and will accept nested property paths.

A custom function for extracting the token from a request can be specified with
the `getToken` option. This is useful if you need to pass the token through a
query parameter or a cookie. You can throw an error in this function and it will
Expand Down
7 changes: 6 additions & 1 deletion lib/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ module.exports = function(options) {
var isRevokedCallback = options.isRevoked || DEFAULT_REVOKED_FUNCTION;

var _requestProperty = options.userProperty || options.requestProperty || 'user';
var _resultProperty = options.resultProperty;
var credentialsRequired = typeof options.credentialsRequired === 'undefined' ? true : options.credentialsRequired;

var middleware = function(req, res, next) {
Expand Down Expand Up @@ -119,7 +120,11 @@ module.exports = function(options) {

], function (err, result){
if (err) { return next(err); }
set(req, _requestProperty, result);
if (_resultProperty) {
set(res, _resultProperty, result);
} else {
set(req, _requestProperty, result);
}
next();
});
};
Expand Down
28 changes: 28 additions & 0 deletions test/jwt.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,34 @@ describe('work tests', function () {
});
});

it('should set resultProperty if option provided', function() {
var secret = 'shhhhhh';
var token = jwt.sign({foo: 'bar'}, secret);

req = { };
res = { };
req.headers = {};
req.headers.authorization = 'Bearer ' + token;
expressjwt({secret: secret, resultProperty: 'locals.user'})(req, res, function() {
assert.equal('bar', res.locals.user.foo);
assert.ok(typeof req.user === 'undefined');
});
});

it('should ignore userProperty if resultProperty option provided', function() {
var secret = 'shhhhhh';
var token = jwt.sign({foo: 'bar'}, secret);

req = { };
res = { };
req.headers = {};
req.headers.authorization = 'Bearer ' + token;
expressjwt({secret: secret, userProperty: 'auth', resultProperty: 'locals.user'})(req, res, function() {
assert.equal('bar', res.locals.user.foo);
assert.ok(typeof req.auth === 'undefined');
});
});

it('should work if no authorization header and credentials are not required', function() {
req = {};
expressjwt({ secret: 'shhhh', credentialsRequired: false })(req, res, function(err) {
Expand Down

0 comments on commit c2aa463

Please sign in to comment.