-
Notifications
You must be signed in to change notification settings - Fork 126
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't pass jsonwebtoken.verify options #29
Comments
@Think7 Do you have control over creating the JWT? you could simple not set the expiration in the first place if you're just going to ignore it... |
Agreed however i ran into an issue: If client makes a request for a JWT with an expiry time of 10 mins, after the expiry time, server is going to 401 them. I need to allow users to send a potentially expired token and then check to see if they are allowed to renew their session (send them another JWT) without sending credentials over the wire a second+ time. There are also other options other than expire in the verify options object. |
Ok. I don't have time to add it today. If you have time to add the code+tests and submit a pull request, please do. otherwise I will try and get to this tomorrow. 👍 |
jsonwebtoken not very clear on what these options do: https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback |
Each option is a bool which tells jwt to ignore the thing is it's mismatching. For example you can have it ignore tokens where the issuer is different. Forgot where i read this. |
@Think7 done. Grab the latest version from NPM and use how you you would expect (in the code you wrote above). thanks for letting us know you needed it and please let us know if you require anything else! 👍 |
Thanks you for adding it! It looks like you removed my forwarding of the JTW's .sign() method. Was this intentional? Also when you have time, pretend that you are a new user coming to this package. Follow the instructions on the main page, you'll see that you get compilation errors if you follow things exactly as shown. |
😧 @Think7 Please create that last message as a new issue and I will get on it immediately. |
@Think7 we have _updated_ the readme and _simplified_ the example usage code. please review and confirm its more beginner-friendly. if you spot anything please create an issue so we can make it the best it can be! thanks again for your feedback/input! 👍 |
Currently, users of this package cannot pass in verify options for the jsonwebtokens module as shown here:
https://www.npmjs.com/package/jsonwebtoken#jwt-verify-token-secretorpublickey-options-callback
I have resolved this issue but am unfamiliar with source control and how to make a pull request.
The modified index.js for can be found here: http://pastebin.com/kibMGb11
Users now need only to pass in a verifyOptions object in the options object for the module.
Example:
I also exported the JWT.sign method so now users of the package do not need to have specific requires for it in their project.
The text was updated successfully, but these errors were encountered: