Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add dependencies needed for JWT authorization middleware #24

Merged
merged 3 commits into from
Nov 14, 2024
Merged

Conversation

paulinevos
Copy link
Collaborator

For verifying and decoding JWTs

Copy link

github-actions bot commented Oct 25, 2024

Coverage Report

Status Category Percentage Covered / Total
🔵 Lines 27.49% 179 / 651
🔵 Statements 27.49% 179 / 651
🔵 Functions 44.44% 8 / 18
🔵 Branches 72.72% 8 / 11
File CoverageNo changed files found.
Generated in workflow #41 for commit 59b4a59 by the Vitest Coverage Report Action

Copy link
Collaborator

@edwinm edwinm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I already tried jsonwebtoken and found that the verify function of jsonwebtoken didn't work with our jwt's but when I used the jose package, it did work. I also saw some recommendations to use jose as a better replacement of jsonwebtoken. Maybe you can use that as well?

https://www.npmjs.com/package/jose

Pauline Vos added 3 commits November 13, 2024 14:38
Needed to sign and verify JWTs.
For signing JWTs in dev, will need to be set to something else in prod.
So people don't have to look inside the compose file or run `docker ps
-a` to figure it out. (Also nice if they're not familiar with how
port-forwarding works in docker)
@paulinevos
Copy link
Collaborator Author

@edwinm That seems odd, not sure why that library wouldn't work with our tokens? Should be the same across the board... anyway I've swapped it out for jose now, which works fine.

Copy link
Collaborator

@edwinm edwinm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems jsonwebtoken had some problems with the cetificate format we use. The problem went away with using jose. I thought it was strange too.

@edwinm edwinm merged commit 5d9cc0d into main Nov 14, 2024
3 checks passed
@edwinm edwinm deleted the jwt-lib branch November 14, 2024 21:18
@edwinm edwinm restored the jwt-lib branch November 14, 2024 21:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants