express-jwt
express-jwt copied to clipboard
auth0
connect/express middleware that validates a JsonWebToken (JWT) and set the req.user with the attributes
**Please do not report security vulnerabilities here**. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues. **Thank you in advance for helping us to improve this library!** Your...
import {expressjwt} from "express-jwt"; // create function that prevent un auth login to access the api ``` function authJwt() { const secret = process.env.SECRET_KEY; const api = process.env.API_URL; return expressjwt({...
### Describe the problem you'd like to have solved I have a gateway in front of my services which takes care of validating the JWT tokens. I would still like...
### Description Fix misspelled word `call` in README file. Currently in [Additional Options](https://github.com/auth0/express-jwt#additional-options) section on line `Or, the other way around, if you want to make some paths unprotected, cal...
### Description I have followed the type overriding [to integrate `express-jwt` and `jwks-rsa`](https://github.com/auth0/express-jwt/issues/288) but the [Typescript Express instructions](https://github.com/auth0/express-jwt#typescript) do not work for me. When I use the provided `Request` type...
### Description > Provide a clear and concise description of the issue, including what you expected to happen. I'm using a React front end (served by my node.js back end)...
### Description the returned `err.name` contains spaces. ### Reproduction ```js app.use(expressjwt({ secret: SECRET, algorithms: ['HS256'] }).unless({ path: unlesses })) app.use((err, req, res, next) => { if (err.name. === 'TokenExpiredError') {...
[express-oauth2-jwt-bearer](https://github.com/auth0/node-oauth2-jwt-bearer/tree/main/packages/express-oauth2-jwt-bearer) has been made Generally Available
Added extra security layer. UserId needs to be passed as id in headers along with the token in order to verify the request comes from the same source. Decoded jwt...
In production, we ran into an issue where if an express server starts up and a client attempts to make requests with an access token issued from the wrong issuer,...
