UNPKG

hapi-auth-jwt-simple

Version:

Simple Hapi.js Authentication Plugin/Scheme using JSON Web Tokens (JWT)

github.com/stongo/hapi-auth-jwt-simple

stongo/hapi-auth-jwt-simple

37 lines (30 loc) 1.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
var Cookie = require('cookie'); // highly popular decoupled cookie parser /** * Extract the JWT from URL, Auth Header or Cookie */ module.exports = function (request, options) { // The key holding token value in url or cookie defaults to token var urlKey = typeof options.urlKey === 'string' ? options.urlKey : 'token'; var cookieKey = typeof options.cookieKey === 'string' ? options.cookieKey : 'token'; var auth; if(request.query[urlKey]) { // tokens via url: https://github.com/dwyl/hapi-auth-jwt2/issues/19 auth = request.query[urlKey]; } // JWT tokens in cookie: https://github.com/dwyl/hapi-auth-jwt2/issues/55 else if (request.headers.authorization) { if (typeof options.tokenType === 'string') { var token = request.headers.authorization.match(new RegExp(options.tokenType + '\\s+([^$]+)', 'i')); auth = token === null ? null : token[1]; } else { auth = request.headers.authorization; } } else if (request.headers.cookie) { auth = Cookie.parse(request.headers.cookie)[cookieKey]; } // strip pointless "Bearer " label & any whitespace > http://git.io/xP4F return auth ? auth.replace(/Bearer/gi, '').replace(/ /g, '') : null; }; module.exports.isValid = function basicChecks (token) { // rudimentary check for JWT validity see: http://git.io/xPBn for JWT format return token.split('.').length === 3; };