Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: auth0/node-jsonwebtoken
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v5.3.1
Choose a base ref
...
head repository: auth0/node-jsonwebtoken
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v5.4.0
Choose a head ref
  • 3 commits
  • 4 files changed
  • 1 contributor

Commits on Oct 2, 2015

  1. deprecate expireInMinutes and expireInSeconds - in favor of expiresIn

    @jfromaniello
    jfromaniello committed Oct 2, 2015
    Copy the full SHA
    39ecc6f View commit details

  2. Merge branch 'improve_expiration'

    @jfromaniello
    jfromaniello committed Oct 2, 2015
    Copy the full SHA
    c5375ff View commit details

  3. 5.4.0

    @jfromaniello
    jfromaniello committed Oct 2, 2015
    Copy the full SHA
    c7e34bb View commit details
Showing with 69 additions and 7 deletions.
  1. +2 −2 README.md
  2. +27 −4 index.js
  3. +1 −1 package.json
  4. +39 −0 test/expires_format.tests.js
4 changes: 2 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -25,7 +25,7 @@ encoded private key for RSA and ECDSA.
`options`:

* `algorithm` (default: `HS256`)
* `expiresInMinutes` or `expiresInSeconds`
* `expiresIn`: expressed in seconds or an string describing a time span [rauchg/ms](https://github.com/rauchg/ms.js). Eg: `60`, `"2 days"`, `"10h"`, `"7d"`
* `audience`
* `subject`
* `issuer`
@@ -35,7 +35,7 @@ encoded private key for RSA and ECDSA.
If `payload` is not a buffer or a string, it will be coerced into a string
using `JSON.stringify`.

If any `expiresInMinutes`, `audience`, `subject`, `issuer` are not provided, there is no default. The jwt generated won't include those properties in the payload.
If any `expiresIn`, `audience`, `subject`, `issuer` are not provided, there is no default. The jwt generated won't include those properties in the payload.

Additional headers can be provided via the `headers` object.

31 changes: 27 additions & 4 deletions index.js
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
var jws = require('jws');
var ms = require('ms');

var JWT = module.exports;

@@ -57,12 +58,34 @@ JWT.sign = function(payload, secretOrPrivateKey, options, callback) {
payload.iat = payload.iat || timestamp;
}

var expiresInSeconds = options.expiresInMinutes ?
options.expiresInMinutes * 60 :
options.expiresInSeconds;
if (options.expiresInSeconds || options.expiresInMinutes) {
var deprecated_line;
try {
deprecated_line = /.*\((.*)\).*/.exec((new Error()).stack.split('\n')[2])[1];
} catch(err) {
deprecated_line = '';
}

console.warn('jsonwebtoken: expiresInMinutes and expiresInSeconds is deprecated. (' + deprecated_line + ')\n' +
'Use "expiresIn" expressed in seconds.');

var expiresInSeconds = options.expiresInMinutes ?
options.expiresInMinutes * 60 :
options.expiresInSeconds;

if (expiresInSeconds) {
payload.exp = timestamp + expiresInSeconds;
} else if (options.expiresIn) {
if (typeof options.expiresIn === 'string') {
var milliseconds = ms(options.expiresIn);
if (typeof milliseconds === 'undefined') {
throw new Error('bad "expiresIn" format: ' + options.expiresIn);
}
payload.exp = timestamp + milliseconds / 1000;
} else if (typeof options.expiresIn === 'number' ) {
payload.exp = timestamp + options.expiresIn;
} else {
throw new Error('"expiresIn" should be a number of seconds or string representing a timespan eg: "1d", "20h", 60');
}
}

if (options.audience)
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "jsonwebtoken",
"version": "5.3.1",
"version": "5.4.0",
"description": "JSON Web Token implementation (symmetric and asymmetric)",
"main": "index.js",
"scripts": {
39 changes: 39 additions & 0 deletions test/expires_format.tests.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
var jwt = require('../index');
var expect = require('chai').expect;

describe('expires option', function() {

it('should work with a number of seconds', function () {
var token = jwt.sign({foo: 123}, '123', { expiresIn: 10 });
var result = jwt.verify(token, '123');
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + 10, 0.2);
});

it('should work with a string', function () {
var token = jwt.sign({foo: 123}, '123', { expiresIn: '2d' });
var result = jwt.verify(token, '123');
var two_days_in_secs = 2 * 24 * 60 * 60;
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + two_days_in_secs, 0.2);
});

it('should work with a string second example', function () {
var token = jwt.sign({foo: 123}, '123', { expiresIn: '36h' });
var result = jwt.verify(token, '123');
var day_and_a_half_in_secs = 1.5 * 24 * 60 * 60;
expect(result.exp).to.be.closeTo(Math.floor(Date.now() / 1000) + day_and_a_half_in_secs, 0.2);
});


it('should throw if expires has a bad string format', function () {
expect(function () {
jwt.sign({foo: 123}, '123', { expiresIn: '1 monkey' });
}).to.throw(/bad "expiresIn" format: 1 monkey/);
});

it('should throw if expires is not an string or number', function () {
expect(function () {
jwt.sign({foo: 123}, '123', { expiresIn: { crazy : 213 } });
}).to.throw(/"expiresIn" should be a number of seconds or string representing a timespan/);
});

});