A flexible authentication and authorization module that implements the Auth interface of antelopejs with JWT.
ajs project modules add @antelopejs/auth-jwtThis module implements the Auth interface it can be integrated with your application to handle user authentication, token generation, verification, and access control. The interface is installed separately to maintain modularity and minimize dependencies.
| Name | Install command | |
|---|---|---|
| Auth | ajs module imports add auth |
Documentation |
The Auth module can be configured with the following options:
{
"secret": "your-secret-key",
"signKey": "path-to-private-key-file",
"verifyKey": "path-to-public-key-file",
"signOptions": {
"expiresIn": "1h",
"algorithm": "RS256"
},
"verifyOptions": {
"ignoreExpiration": false,
"algorithms": ["RS256"]
}
}The configuration options include:
secret: A shared secret key used for both signing and verification (symmetric)signKey: Path to a private key file (for asymmetric signing)verifyKey: Path to a public key file (for asymmetric verification)signOptions: Options for token signing (follows jsonwebtoken's SignOptions)verifyOptions: Options for token verification (follows jsonwebtoken's VerifyOptions)
Note: Either secret or both signKey and verifyKey must be provided.
As this module interfaces auth decorator with the interface API provider system, it can be used with API controllers.
Authentication decorators can be used with any parameter in API controller methods. They can be combined with other parameters and decorators:
import { Controller, Get } from '@ajs/api/beta';
import { Authentication, AdminAuth } from '@ajs/auth/beta';
class UsersController extends Controller('/users') {
// Accessible to all authenticated users
@Get()
async listUsers(@Authentication() user: any) {
// List users
return { users: [] };
}
}This project is licensed under the Apache License 2.0 - see the LICENSE file for details.