jwt
This module contains functions and types to encode and decode JWTs issued and used by Auth.js.
The JWT issued by Auth.js is encrypted by default, using the A256GCM algorithm (JWE).
It uses the AUTH_SECRET
environment variable to dervice a sufficient encryption key.
Auth.js JWTs are meant to be used by the same app that issued them. If you need JWT authentication for your third-party API, you should rely on your Identity Provider instead.
Installationβ
- npm
- yarn
- pnpm
npm install @auth/core
yarn add @auth/core
pnpm add @auth/core
You can then import this submodule from @auth/core/jwt
.
Usageβ
This module will be refactored/changed. We do not recommend relying on it right now.
Resourcesβ
Functionsβ
decode()β
Signatureβ
decode(params: JWTDecodeParams): Promise<JWT | null>
Decodes a Auth.js issued JWT.
Parametersβ
Name | Type |
---|---|
params | JWTDecodeParams |
Returnsβ
Promise
<JWT | null
>
encode()β
Signatureβ
encode(params: JWTEncodeParams): Promise<string>
Issues a JWT. By default, the JWT is encrypted using "A256GCM".
Parametersβ
Name | Type |
---|---|
params | JWTEncodeParams |
Returnsβ
Promise
<string
>
getToken()β
Signatureβ
getToken<R>(params: GetTokenParams<R>): Promise<R extends true ? string : JWT | null>
Takes an Auth.js request (req
) and returns either the Auth.js issued JWT's payload,
or the raw JWT string. We look for the JWT in the either the cookies, or the Authorization
header.
Documentation
Type parametersβ
R
extendsboolean
=false
Parametersβ
Name | Type |
---|---|
params | GetTokenParams <R > |
Returnsβ
Promise
<R
extends true
? string
: JWT | null
>
Interfacesβ
JWTβ
Returned by the jwt
callback and getToken
, when using JWT sessions