initia commit

adeiskandarzulkarnaen · Dec 1, 2024 · ddd0c33 · ddd0c33
1 parent b67df9f
commit ddd0c33
Show file tree

Hide file tree

Showing 11 changed files with 6,382 additions and 2 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,19 @@
+# EditorConfig
+root = true
+
+[src/*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false
+
+[*.{yml,yaml}]
+indent_size = 2
+
+[docker-compose.yml]
+indent_size = 4
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -0,0 +1,18 @@
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v3
+        with:
+          node-version: "20"
+      - run: npm ci
+      - run: npm run build
+      - uses: JS-DevTools/npm-publish@v3
+        with:
+          token: ${{ secrets.NPM_TOKEN }}
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,4 @@
+.docs
+.DS_Store
+node_modules
+dist
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2024 Ade Iskandar Zulkarnaen
+Copyright (c) 2024 Zulkarnaen
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/README.md b/README.md
@@ -1 +1,79 @@
-# express-jwt-auth
+# express-mjwt
+
+This module provides ExpressJs middleware to validate JWT via the [jsonwebtoken](https://www.npmjs.com/package/jsonwebtoken) module.
+
+## Install
+
+```
+$ npm install express-mjwt
+```
+
+## API
+
+`authJwt(options)`
+
+Options has the following parameters:
+
+- `secret: jwt.Secret` (required): The secret as a string to retrieve the secret.
+- `algorithms` (required): Specifies the algorithms to be used for token verification.
+- `invalidAuthenticationHeaderMessage` (optional): A string defining the error message displayed when the authentication header is invalid.
+- `noAuthenticationHeaderMessage` (optional):  A string defining the error message displayed when no authentication header is provided.
+- `tokenExpireMessage` (optional): A string defining the error message displayed when the token has expired.
+- `tokenFailureVerificationMessage` (optional): A string defining the error message displayed when token verification fails.
+
+
+## Usage
+
+Basic usage using an HS256 secret:
+
+```javascript
+import { authJwt } from 'express-mjwt';
+
+app.get(
+  '/protected',
+  authJwt({ secret: 'jwt_secret', algorithms: ['HS256'] }),
+  (req, res) => {
+    if (!req.auth.admin) return res.sendStatus(401);
+    res.sendStatus(200);
+  }
+);
+```
+
+The decoded JWT payload is available on the request via the `auth` property.
+
+### Required Parameters
+
+The `algorithms` parameter is required to prevent potential downgrade attacks when providing third party libraries as **secrets**.
+
+:warning: **Do not mix symmetric and asymmetric (ie HS256/RS256) algorithms**: Mixing algorithms without further validation can potentially result in downgrade vulnerabilities.
+
+```javascript
+authJwt({
+  secret: 'jwt_secret',
+  algorithms: ['HS256'],
+  //algorithms: ['RS256']
+});
+```
+
+
+## Typescript
+
+A `JWTRequest` type is provided from `express-mjwt`, which extends `express.Request` with the `auth` property. I
+
+```typescript
+import { Response } from 'express';
+import { authJwt, JWTRequest } from 'express-mjwt';
+
+app.get(
+  "/protected",
+  authJwt({ secret: 'jwt_secret', algorithms: ['HS256'] }),
+  function (req: JWTRequest, res: Response) {
+    if (!req.auth?.admin) return res.sendStatus(401);
+    res.sendStatus(200);
+  }
+);
+```
+
+## License
+
+This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.
diff --git a/eslint.config.mjs b/eslint.config.mjs
@@ -0,0 +1,36 @@
+import globals from 'globals';
+import pluginJs from '@eslint/js';
+import tseslint from 'typescript-eslint';
+
+
+/** @type {import('eslint').Linter.Config[]} */
+export default [
+  { files: ['**/*.{js,mjs,cjs,ts}'] },
+  { files: ['**/*.js'], languageOptions: { sourceType: 'script' } },
+  { languageOptions: { globals: { ...globals.browser, ...globals.node } } },
+  pluginJs.configs.recommended,
+  ...tseslint.configs.recommended,
+  {
+    ignorePatterns: ['dist/'],
+    rules: {
+      'linebreak-style': ['error', 'unix'],
+      'no-trailing-spaces': 'error',
+      'indent': ['error', 2],
+      'camelcase': 'error',
+      'arrow-parens': ['error', 'always'],
+      'comma-spacing': ['error', { 'before': false, 'after': true }],
+      'object-curly-spacing': ['error', 'always'],
+      'array-bracket-spacing': ['error', 'never'],
+      'space-in-parens': ['error', 'never'],
+      'space-before-function-paren': ['error', { 'anonymous': 'always', 'named': 'never', 'asyncArrow': 'always' }],
+      'func-call-spacing': ['error', 'never'],
+      'keyword-spacing': ['error', { 'before': true, 'after': true }],
+      'prefer-const': 'error',
+      'no-var': 'error',
+      'semi': ['error', 'always'],
+      'quotes': ['error', 'single', { 'avoidEscape': true }],
+      'prefer-template': 'error',
+      'prefer-arrow-callback': 'error',
+    },
+  },
+];