Validate a JWT's scope to authorize access to an endpoint
MIT License
```
$ npm i -S @tadashi/koa-jwt-authz
```

`koa >=2` is a peer dependency. Make sure it is installed in your project.
Use together with koa-jwt to both validate a JWT and make sure it has the correct permissions to call an endpoint.
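```js
import jwtAuthz from '@tadashi/koa-jwt-authz'
import jwt from 'koa-jwt'
import Koa from 'koa'
import Router from '@koa/router'

const app = new Koa()
const router = new Router()

// Public route: no token required
router.get('/', ctx => {
  ctx.body = {home: 'free'}
})

// Protected route: koa-jwt verifies the token first,
// then jwtAuthz checks the scope claim of the decoded payload
router.get('/me',
  jwt({secret: 'shared_secret'}),
  jwtAuthz(['read:users']),
  ctx => {
    // koa-jwt stores the decoded payload on ctx.state.user
    ctx.body = ctx.state.user
  }
)

app.use(router.middleware())
app.listen(process.env.PORT ?? 3000)
```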
The JWT must have a `scope` claim and it must either be a string of space-separated permissions or an array of strings. For example:

```
# String: "write:users read:users"
# Array: ["write:users", "read:users"]
```
| parameter | type | required | default | description |
|---|---|---|---|---|
| expectedScopes | Array | yes | - | List of permissions |
| options | Object | no | see below | Options |

| parameter | type | required | default | description |
|---|---|---|---|---|
| checkAllScopes | Boolean | no | false | When true, all the expected scopes will be checked against the user's scopes |
| customScopeKey | String | no | scope | The property name to check for the scope |
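The scope rules above (string or array claim, `checkAllScopes`, `customScopeKey`) can be exercised without a running server. The following is an added example, not the package's own code: `parseScopes`, `isAuthorized` and `requireScopes` are hypothetical names, and it assumes that with `checkAllScopes` set to false a single matching scope is enough.

```javascript
// Added example. parseScopes, isAuthorized and requireScopes are hypothetical
// names for this sketch, not the package's API.

// Accept the two claim shapes the README allows; anything else grants nothing.
function parseScopes(claim) {
  if (typeof claim === 'string') return claim.split(' ').filter(Boolean)
  if (Array.isArray(claim)) return claim.filter(s => typeof s === 'string')
  return []
}

function isAuthorized(claims, expectedScopes, options = {}) {
  const {checkAllScopes = false, customScopeKey = 'scope'} = options
  // This sketch's choice: an empty or malformed expectation list fails closed.
  if (!Array.isArray(expectedScopes) || expectedScopes.length === 0) return false
  const granted = new Set(parseScopes(claims?.[customScopeKey]))
  const has = scope => granted.has(scope) // exact match, never substring
  // Assumption: with checkAllScopes false, one matching scope is enough.
  return checkAllScopes ? expectedScopes.every(has) : expectedScopes.some(has)
}

// Koa-style middleware reading the verified payload from ctx.state.user,
// the same place the /me route above reads it.
function requireScopes(expectedScopes, options) {
  return (ctx, next) => {
    if (!isAuthorized(ctx.state?.user, expectedScopes, options)) {
      ctx.throw(403, 'Insufficient scope')
    }
    return next()
  }
}

// Constructed payloads, not real tokens.
const stringClaim = {scope: 'write:users read:users'}
const arrayClaim = {permissions: ['read:users']}
const lookalike = {scope: 'read:users-admin'}

console.log(isAuthorized(stringClaim, ['read:users']))
console.log(isAuthorized(arrayClaim, ['read:users'], {customScopeKey: 'permissions'}))
console.log(isAuthorized(lookalike, ['read:users']))
```

The lookalike payload is the case worth testing in any scope check: `read:users-admin` must not satisfy `read:users`, which is why the comparison is on whole tokens rather than substrings.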
MIT © Thiago Lagden