Skip to content

kmokrzycki/jwt-token-encrypt

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

jwt-token-encrypt

Known Vulnerabilities

This module allows you to generate JSON Web-Tokens with some elements of the data encrypted and read it in a very simple way, without worry too much about encryption.

Install

npm install 'jwt-token-encrypt' --save

Usage

import * as jwtEncrypt from 'jwt-token-encrypt';

Above is a breaking change as before import was done with defaultExport !

Version < "1.0.3"

Creating JWT

// Data that will be publicly available
const publicData = {
    role: "user"
};

// Data that will only be available to users who know encryption details.
const privateData = {
    email: "user",
    bank: "HSBC",
    pin: "1234",
};

// Encryption settings
const encryption = {
    key: 'AAAAAAAAAAAAAA',
    algorithm: 'aes-256-cbc',
  };

// JWT Settings
const jwtDetails = {
    secret: '1234567890', // to sign the token
    // Default values that will be automatically applied unless specified.
    // algorithm: 'HS256',
    // expiresIn: '12h',
    // notBefore: '0s',
    // Other optional values
    key: 'ThisIsMyAppISS',// is used as ISS but can be named iss too
};

const token = await jwtEncrypt.generateJWT(
      jwtDetails,
      publicData,
      encryption,
      privateData
    );

Reading JWT

// Encryption settings
const encryption = {
    key: 'AAAAAAAAAAAAAA',
    algorithm: 'aes-256-cbc',
  };

const decrypted = jwtEncrypt.readJWT(token, encryption);

Token Content

E.g.

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJOS0luVldoQjFyVkxDd3hsdE1OdWlVQzZoOVV1ZEFiaSIsImRhdGEiOnsicHVibGljIjp7ImRhdGExIjoxLCJkYXRhMiI6MiwiZGF0YTMiOjN9LCJlbmNEYXRhIjoiYjliM2QyNDdkNTk4ZTlkODczOTM2NTI4MWVmN2ExZTkifSwiaWF0IjoxNTExMTk5MDg0LCJleHAiOjE1MTEyNDIyODR9.KzfcIY95RR7aPYKn5EcXZYvETDCGZIJ91p7IfXCiClw

Once decoded will hold below content jwt.io

{
    iss: 'NKInVWhB1rVLCwxltMNuiUC6h9UudAbi',
    data: {
      public: {
            data1: 1,
            data2: 2,
            data3: 3
        },
      encData: '5fb8ed70a3864cbd97b25cc8ca2c0bc7',
    },
  },

As you can see private data:

privateData = {
   email: "user",
   bank: "HSBC",
   pin: "1234",
}

is got encripted and respresented with:

{
    ....
    encData: '5fb8ed70a3864cbd97b25cc8ca2c0bc7',
    ....
}

To change encData label you need to pass extra parameter to generateJWT method: e.g.

const token = await jwtEncrypt.generateJWT(
     jwtDetails,
     publicData,
     encryption,
     privateData,
     'session',
   );

will result in having:

{
    iss: 'NKInVWhB1rVLCwxltMNuiUC6h9UudAbi',
    data: {
      public: {
            data1: 1,
            data2: 2,
            data3: 3
        },
      session: '5fb8ed70a3864cbd97b25cc8ca2c0bc7',
    },
  },

also to read you will need to pass new filed name

e.g.

// Encryption settings
const encryption = {
   key: 'AAAAAAAAAAAAAA',
   algorithm: 'aes-256-cbc',
 };

const decrypted = jwtEncrypt.readJWT(token, encryption, 'session');

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published