npm - @nitrotool/jwt - Versions diffs - 0.0.7 → 0.0.9 - Mend

@nitrotool/jwt 0.0.7 → 0.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -6,14 +6,22 @@ Lightweight JWT utilities for Nitro/UnJS environments with optional h3 helpers.
 - Helpers that read `jwtSecret` from your Nitro runtime config
 - h3 utilities to extract tokens from requests and enforce authentication
+Learn more about JWT and how it works here:
+- [What is a JWT?](https://www.jwt.io/introduction#what-is-json-web-token)
+- [JWT.io](https://jwt.io/)
 ## Installation
+```bash
+pnpm install @nitrotool/jwt
+```
 ```bash
 npm install @nitrotool/jwt
 ```
 Peer dependency:
-- `h3` is required only when using the h3 helpers.
+- `h3` is required.
 ## Importing
@@ -24,7 +32,7 @@ You can import from the main entry or subpath exports:
 import { encodeJwt, verifyJwt, decodeJwt } from '@nitrotool/jwt';
 // Subpath (JWT-only)
-import { encodeJwtRaw, verifyJwtRaw, decodeJwtRaw } from '@nitrotool/jwt/jwt';
+import { encodeJwtRaw, verifyJwtRaw, decodeJwtRaw } from '@nitrotool/jwt/core';
 // Subpath (h3 helpers)
 import { extractApiToken, requireApiToken } from '@nitrotool/jwt/h3';
@@ -75,52 +83,6 @@ Supported token locations:
 - Authorization header: `Authorization: Bearer <token>`
 - Query string: `?token=<token>`
-## API Reference
-All helpers are asynchronous.
-### JWT helpers
-- `encodeJwtRaw<T>(payload, secret, ttl = 60): Promise<string>`
-    - Signs a token with the provided `secret`.
-    - `ttl` is in seconds. Default: `60`.
-    - `exp` is set automatically from `ttl`.
-- `encodeJwt<T>(payload): Promise<string>`
-    - Same as `encodeJwtRaw`, but uses `useRuntimeConfig().jwtSecret`.
-- `verifyJwtRaw(token, secret): Promise<boolean>`
-    - Verifies signature and expiry using the provided `secret`.
-- `verifyJwt(token): Promise<boolean>`
-    - Same as `verifyJwtRaw`, but uses `useRuntimeConfig().jwtSecret`.
-- `decodeJwtRaw<T>(token, secret, { verify = true } = {}): Promise<T & Partial<JwtPayload>>`
-    - Decodes the token. When `verify` is `true`, verifies signature and expiry.
-    - Throws `UnauthorizedError('Invalid JWT token.')` if verification fails.
-    - Throws if `verify` is `true` but `secret` is empty.
-- `decodeJwt<T>(token, { verify = true } = {}): Promise<T & Partial<JwtPayload>>`
-    - Same as `decodeJwtRaw`, but uses `useRuntimeConfig().jwtSecret`.
-    - Throws `UnauthorizedError('Invalid JWT token.')` if verification fails.
-Types:
-- `ExtendableJwtPayload<T>` lets you define custom claims merged with standard JWT claims.
-### h3 helpers
-- `extractBearerToken(event): string | undefined`
-    - Reads `Authorization` header and returns the token without `Bearer `.
-- `extractQueryToken(event): string | undefined`
-    - Reads `token` from the query string.
-- `extractApiToken(event): string | undefined`
-    - Returns the first non-empty token found by `extractBearerToken` or `extractQueryToken`.
-- `requireApiToken(event): string`
-    - Same as `extractApiToken`, but throws `UnauthenticatedError` if missing.
 ## Configuration
 When using non-`Raw` helpers, ensure a secret is available at runtime:
@@ -176,6 +138,53 @@ const ok = await verifyJwtRaw(token, process.env.JWT_SECRET!);
 - Only set `verify: false` for non-sensitive, debug-like operations.
 - Rotate secrets periodically and invalidate old tokens if needed.
+## API Reference
+All helpers are asynchronous.
+### JWT helpers
+- `encodeJwtRaw<T>(payload, secret, ttl = 60): Promise<string>`
+    - Signs a token with the provided `secret`.
+    - `ttl` is in seconds. Default: `60`.
+    - `exp` is set automatically from `ttl`.
+- `encodeJwt<T>(payload): Promise<string>`
+    - Same as `encodeJwtRaw`, but uses `useRuntimeConfig().jwtSecret`.
+- `verifyJwtRaw(token, secret): Promise<boolean>`
+    - Verifies signature and expiry using the provided `secret`.
+- `verifyJwt(token): Promise<boolean>`
+    - Same as `verifyJwtRaw`, but uses `useRuntimeConfig().jwtSecret`.
+- `decodeJwtRaw<T>(token, secret, { verify = true } = {}): Promise<T & Partial<JwtPayload>>`
+    - Decodes the token. When `verify` is `true`, verifies signature and expiry.
+    - Throws `UnauthorizedError('Invalid JWT token.')` if verification fails.
+    - Throws if `verify` is `true` but `secret` is empty.
+- `decodeJwt<T>(token, { verify = true } = {}): Promise<T & Partial<JwtPayload>>`
+    - Same as `decodeJwtRaw`, but uses `useRuntimeConfig().jwtSecret`.
+    - Throws `UnauthorizedError('Invalid JWT token.')` if verification fails.
+Types:
+- `ExtendableJwtPayload<T>` lets you define custom claims merged with standard JWT claims.
+### h3 helpers
+- `extractBearerToken(event): string | undefined`
+    - Reads `Authorization` header and returns the token without `Bearer `.
+- `extractQueryToken(event, key = 'token'): string | undefined`
+    - Reads `token` from the query string.
+- `extractApiToken(event): string | undefined`
+    - Returns the first non-empty token found by `extractBearerToken` or `extractQueryToken`.
+- `requireApiToken(event): string`
+    - Same as `extractApiToken`, but throws `UnauthenticatedError` if missing.
 ## License
 MIT

package/dist/h3.d.mts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { H3Event } from 'h3';
 declare const extractBearerToken: (event: H3Event) => string;
-declare const extractQueryToken: (event: H3Event) => string | undefined;
+declare const extractQueryToken: (event: H3Event, key?: string) => string | undefined;
 declare const extractApiToken: (event: H3Event) => string | undefined;
 declare const requireApiToken: (event: H3Event) => string;

package/dist/h3.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { H3Event } from 'h3';
 declare const extractBearerToken: (event: H3Event) => string;
-declare const extractQueryToken: (event: H3Event) => string | undefined;
+declare const extractQueryToken: (event: H3Event, key?: string) => string | undefined;
 declare const extractApiToken: (event: H3Event) => string | undefined;
 declare const requireApiToken: (event: H3Event) => string;

package/dist/h3.mjs CHANGED Viewed

@@ -2,7 +2,7 @@ import { getRequestHeader, getQuery } from 'h3';
 import { UnauthenticatedError } from '@nitrotool/errors';
 const extractBearerToken = (event) => getRequestHeader(event, "Authorization")?.replace("Bearer ", "") || void 0;
-const extractQueryToken = (event) => getQuery(event)?.token || void 0;
+const extractQueryToken = (event, key = "token") => getQuery(event)?.[key] || void 0;
 const extractApiToken = (event) => extractBearerToken(event) || extractQueryToken(event);
 const requireApiToken = (event) => {
   const token = extractApiToken(event);

package/package.json CHANGED Viewed

@@ -1,17 +1,17 @@
 {
   "name": "@nitrotool/jwt",
-  "version": "0.0.7",
+  "version": "0.0.9",
   "main": "dist/index.mjs",
   "type": "module",
   "exports": {
     ".": "./dist/index.mjs",
-    "./jwt": "./dist/jwt.mjs",
+    "./core": "./dist/jwt.mjs",
     "./h3": "./dist/h3.mjs"
   },
   "types": "./dist/index.d.ts",
   "dependencies": {
     "@tsndr/cloudflare-worker-jwt": "^3.2.0",
-    "@nitrotool/errors": "0.0.7"
+    "@nitrotool/errors": "0.0.9"
   },
   "peerDependencies": {
     "h3": "^1.15.3"