A JWT library written in TypeScript which supports Deno, Node.Js, Cloudflare Workers & Bun
Attributes
Includes Deno configuration
Repository
Current version released
10 months ago
JWT by 4zeroiv
This is a JWT library written in TypeScript which supports Deno, Node.Js, Cloudflare Workers & Bun
π» Installation
# From NPM
npm i @4zeroiv/jwt
# From JSR (JavaScript Registry)
deno add jsr:@4zeroiv/jwtImporting from published packages
- Deno:
import { HS256 } from "https://deno.land/x/jwtx/mod.ts";- NPM:
import { HS256 } from "@4zeroiv/jwt";βοΈ HS256(payload: object, secret: string, signatureOnly?: boolean): Promise<string | object>
Signs a payload using the HMAC-SHA256 algorithm and returns either the full JWT or just the signature.
π₯ Parameters
| Name | Type | Required | Description |
|---|---|---|---|
payload |
object |
β | The JSON data to encode and sign |
secret |
string |
β | The secret key used for HMAC-SHA256 signing |
signatureOnly |
boolean |
β | If true, only the signature is returned (default: false) |
π Returns
| Type | Description |
|---|---|
string |
Base64Url encoded signature string (if signatureOnly is true) |
string |
Full JWT in header.payload.signature format (if signatureOnly is false) |
π Example
import { HS256 } from "@4zeroiv/jwt"
const payload = {
userId: 123,
exp: Math.floor(Date.now() / 1000) + 60 * 60 // expires in 1 hour
}
const token = await HS256(payload, "my-secret")
// token -> "header.payload.signature"
const signature = await HS256(payload, "my-secret", true)
// signature -> "aWJsdGV..."
console.log(token)β
verify(token: string, secret: string, debugMode?: boolean): Promise<boolean | VerifyResponse>
Verifies the validity of a JWT by checking its structure, signature, and time-based claims (nbf, exp).
π₯ Parameters
| Name | Type | Required | Description |
|---|---|---|---|
token |
string |
β | The JWT to verify |
secret |
string |
β | The secret used to sign the token |
debugMode |
boolean |
β | If true, returns an object with status and a message (default: false) |
π Returns
booleanβtrueif valid,falseif not (whendebugModeisfalse)objectβ{ status: boolean, msg: string }(whendebugModeistrue)
π Example
import { verify } from "@4zeroiv/jwt"
const token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3NTMwMDAwMDB9.XYZ..."
const isValid = await verify(token, "my-secret", true)
console.log(isValid)𧩠decodePayload(token: string): object
Decodes the payload section of a JWT (JSON Web Token) and returns it as a JavaScript object.
π₯ Parameters
| Name | Type | Description |
|---|---|---|
token |
string |
The JWT string to decode (must be in valid format) |
π Returns
| Type | Description |
|---|---|
object |
Returns the decoded payload as an object if the JWT is valid |
object |
Returns an error object with status: false and a message if decoding fails |
π Example
import { decodePayload } from "@4zeroiv/jwt"
const token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEyMywiZXhwIjoxNzUzMD..." // etc
const payload = decodePayload(token)
console.log(payload)π§Ύ Verify Function Response Messages
| Status | Message | Condition |
|---|---|---|
false |
Token isn't in header.payload.signature format (all 3 parts doesn't exist) |
Token does not have exactly 3 segments separated by . |
false |
The header isn't in a valid format to decode |
Header is invalid Base64 or not a valid JSON |
false |
The payload isn't in a valid format to decode |
Payload is invalid Base64 or not a valid JSON |
false |
This token isn't valid yet |
Payload has nbf (Not Before) and current time is earlier |
false |
This token is expired |
Payload has exp (Expiration) and current time is later |
false |
Token header doesn't have a valid signing algorithm |
Header alg is not supported (i.e., not HS256) |
false |
This token is invalid |
Signature comparison fails |
true |
This token is valid |
Signature is valid, and token passes nbf, exp, and alg checks |
π§Ύ Decode Payload Function Response Messages
| Status | Message | Condition |
|---|---|---|
false |
Token isn't in header.payload.signature format (all 3 parts doesn't exist) |
Token does not have exactly 3 segments separated by . |
false |
The payload isn't in a valid format to decode |
Payload is not valid Base64 |
false |
The header isn't in a valid format to decode |
Decoded payload is not valid JSON |
object |
(decoded payload) | Token is valid and payload successfully decoded |