jwt
This module contains functions and types to encode and decode JWTs issued and used by Auth.js.
The JWT issued by Auth.js is encrypted by default, using the A256CBC-HS512 algorithm (JWE).
It uses the AUTH_SECRET
environment variable or the passed secret
propery to derive a suitable encryption key.
Auth.js JWTs are meant to be used by the same app that issued them. If you need JWT authentication for your third-party API, you should rely on your Identity Provider instead.
Installationβ
- npm
- Yarn
- pnpm
npm install @auth/core
yarn add @auth/core
pnpm add @auth/core
You can then import this submodule from @auth/core/jwt
.
Usageβ
This module will be refactored/changed. We do not recommend relying on it right now.
Resourcesβ
decode()β
decode<
Payload
>(params
):Promise
<Payload
|null
>
Decodes a Auth.js issued JWT.
Type parametersβ
βͺ Payload = JWT
Parametersβ
βͺ params: JWTDecodeParams
Returnsβ
Promise
< Payload
| null
>
encode()β
encode<
Payload
>(params
):Promise
<string
>
Issues a JWT. By default, the JWT is encrypted using "A256CBC-HS512".
Type parametersβ
βͺ Payload = JWT
Parametersβ
βͺ params: JWTEncodeParams
< Payload
>
Returnsβ
Promise
< string
>
getToken()β
getToken<
R
>(params
):Promise
<R
extendstrue
?string
:JWT
|null
>
Takes an Auth.js request (req
) and returns either the Auth.js issued JWT's payload,
or the raw JWT string. We look for the JWT in the either the cookies, or the Authorization
header.
Type parametersβ
βͺ R extends boolean
= false
Parametersβ
βͺ params: GetTokenParams
< R
>
Returnsβ
Promise
< R
extends true
? string
: JWT
| null
>
JWTβ
Returned by the jwt
callback and getToken
, when using JWT sessions
Extendsβ
Record
<string
,unknown
>.DefaultJWT