LogoLogo
ChangelogGitHubTwitterGitter
v4.x
v4.x
  • Marble.js
  • Getting started
    • Installation
    • Quick setup
  • HTTP
    • Effects
    • Middlewares
    • Routing
    • Errors
    • Output
    • Context
    • Advanced
      • Logging
      • Validation
      • Server Events
      • Streaming
      • Continuous mode
  • Messaging
    • Core concepts
      • Events
      • Effects
    • Microservices
      • AMQP (RabbitMQ)
      • Redis Pub/Sub
    • CQRS
    • WebSockets
  • Testing
    • HTTP routes testing
  • Other
    • How does it glue together?
    • Migration guides
      • Migration from version 3.x
      • Migration from version 2.x
      • Migration from version 1.x
    • API reference
      • @marblejs/core
        • bindTo
        • bindEagerlyTo
        • createEvent
        • createContextToken
        • operator: matchEvent
        • operator: use
        • operator: act
      • @marblejs/http
        • httpListener
        • r.pipe
        • combineRoutes
        • createServer
      • @marblejs/messaging
        • eventBus
        • messagingClient
        • createMicroservice
        • reply
      • @marblejs/websockets
        • webSocketListener
        • operator: broadcast
        • operator: mapToServer
      • @marblejs/middleware-multipart
      • @marblejs/middleware-cors
      • @marblejs/middleware-io
      • @marblejs/middleware-logger
      • @marblejs/middleware-body
      • @marblejs-contrib/middleware-jwt
        • Token signing
      • @marblejs-contrib/middleware-joi
    • Style Guide
    • FAQ
Powered by GitBook
On this page
  • + generateToken
  • Importing
  • Type declaration
  • Parameters
  • + generateExpirationInHours
  • Importing
  • Type declaration
  • Example
  1. Other
  2. API reference
  3. @marblejs-contrib/middleware-jwt

Token signing

Besides the common things like token authorization, the middleware comes with handy functions responsible for token signing.

Previous@marblejs-contrib/middleware-jwtNext@marblejs-contrib/middleware-joi

Last updated 3 years ago

+ generateToken

The middleware wraps auth0 API into more RxJS friendly functions that can be partially applied and composed inside Observable streams.

generateToken signs new JWT token with provided payload and configuration object which defines the way how the token is signed.

Importing

import { generateToken } from '@marblejs-contrib/middleware-jwt';

Type declaration

generateToken :: GenerateOptions -> Payload -> string

Parameters

parameter

definition

options

GenerateOptions

payload

Payload = string | object | Buffer

Config object which defines a set of parameters that are used for token signing.

parameter

definition

secret

string | Buffer

algorithm

<optional> string

keyid

<optional> string

expiresIn

<optional> string | number

notBefore

<optional> string | number

audience

<optional> string | string[]

subject

<optional> string

issuer

<optional> string

jwtid

<optional> string

noTimestamp

<optional> boolean

header

<optional> object

encoding

<optional> string

+ generateExpirationInHours

The standard for JWT defines an exp claim for expiration. The expiration is represented as a NumericDate. This means that the expiration should contain the number of seconds since the epoch.

generateExpiratinoInHours is a small, but handy function that returns an numeric date for given hours as a parameter. If the function is called without any parameter then the date is generated with 1 hour expiration.

Importing

import { generateExpirationInHours } from '@marblejs-contrib/middleware-jwt';

Type declaration

generateExpirationInHours :: number -> number

Example

token.helper.ts
export const generateTokenPayload = (user: User) => ({
  id: user.id,
  email: user.email,
  exp: generateExpirationInHours(4), 
  // 👆 token will expire within the next 4 hours
});
login.effect.ts
import { r, HttpError, HttpStatus } from '@marblejs/http';
import { throwError } from 'rxjs';
import { catchError } from 'rxjs/operators';
import { generateTokenPayload } from './token.helper';

const login$ = r.pipe(
  r.matchPath('/login'),
  r.matchType('POST'),
  r.useEffect(req$ => req$.pipe(
    map(req => req.body),
    mergeMap(UserDao.findByCredentials),
    map(generateTokenPayload),
    // 👇
    map(generateToken({ secret: Config.jwt.secret })),
    map(token => ({ body: { token } })),
    catchError(() => throwError(() =>
      new HttpError('Unauthorized', HttpStatus.UNAUTHORIZED)
    )),
  )));

For more details about JWT token signing, please visit .

jsonwebtoken
jsonwebtoken package docs