JWT authentication with Deno
Problem description
How to create and validate JSON Web Token in Deno?
I am new to the Deno runtime, so it would be helpful to have a sample to get started with JWT in Deno.
Recommended answer
Here is a short demonstration that shows how to create a JWT with an HS256 signature and how to verify it and extract the payload.
jwtdemo.ts (based on version 1.9 of djwt):
import { verify, create, Header, Payload, getNumericDate } from "https://deno.land/x/djwt@v1.9/mod.ts";

// Demo key only; declared with let so the "wrong-key" line below can reassign it.
let key = "secret-key";
const algorithm = "HS256";

const header: Header = {
  alg: algorithm,
  typ: "JWT",
  "custom-key": "custom-value"
};

const payload: Payload = {
  iss: "deno-demo",
  exp: getNumericDate(300) // 300 seconds = 5 minutes from now on
  //exp: getNumericDate(new Date("2020-11-02T19:00:00.000Z")) // or set a certain date and time
};

// Sign the header and payload with the key.
const jwt = await create(header, payload, key);
console.log(jwt);

//key = "wrong-key" // this will let the verification fail

try {
  // verify() checks the signature against the given algorithm and returns the payload.
  const payload = await verify(jwt, key, algorithm);
  console.log(payload);
}
catch (ex) {
  console.log(ex.message);
}
The helper method getNumericDate(exp) automatically sets a correct Unix timestamp and adds the number of seconds given as an argument to the current time or uses the given date argument directly.
You can run the above demo directly and all imported modules will be downloaded automatically:
deno run jwtdemo.ts
The result is:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImN1c3RvbS1rZXkiOiJjdXN0b20tdmFsdWUifQ.eyJpc3MiOiJkZW5vLWRlbW8iLCJleHAiOjE2MDQzNDI2NDR9.6dbloI7z6M40JSw5JPE_F19SWYaY4sALQ48mxUir8DM
{ iss: "deno-demo", exp: 1604342644 }
Or, in case of a wrong signature:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImN1c3RvbS1rZXkiOiJjdXN0b20tdmFsdWUifQ.eyJpc3MiOiJkZW5vLWRlbW8iLCJleHAiOjE2MDQzNDI2MzN9.XUUSZRsZp0sFdu8RBmzFcOZMXc9ZguA8tPy8n0hI7l4
The jwt's signature does not match the verification signature.
A notable difference to JWT creation in node.js is that we have predefined interfaces Header and Payload here instead of simple JSON, and values are checked.
When I set
const algorithm = "XS256" // instead of "HS256"
the check of the algorithm will fail and the program doesn't start:
Check file:///C:/Users/jps/source/deno/jwtdemoV19.ts
error: TS2322 [ERROR]: Type '"XS256"' is not assignable to type 'Algorithm'.
alg: algorithm,
~~~
at file:///C:/Users/jps/source/deno/jwtdemoV19.ts:8:3
The expected type comes from property 'alg' which is declared here on type 'Header'
alg: Algorithm;
~~~
at https://deno.land/x/djwt@v1.9/mod.ts:36:3
TS2345 [ERROR]: Argument of type '"XS256"' is not assignable to parameter of type 'AlgorithmInput'.
const payload = await verify(jwt, key, algorithm)
~~~~~~~~~
at file:///C:/Users/jps/source/deno/jwtdemoV19.ts:26:42
Found 2 errors.
The sample code utilises djwt version 1.9, which currently supports HS256, HS512 and RS256 signature algorithms. More algorithms will be added in future, depending on the availability of support in the deno crypto modules.
Read this answer to see how to verify an RS256 signed token.
Note: This answer has been rewritten to cover the breaking changes of the djwt api in version 1.9. The old version of this post was based on djwt v1.7
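The checks behind verifying an HS256 token, written out with the node:crypto and node:buffer modules (which Deno also provides) instead of djwt. This is an added example, not part of the original answer and not djwt's own code; the function names, error strings and sample values are assumptions made for illustration.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";
import { Buffer } from "node:buffer";

type Claims = Record<string, unknown>;
const enc = (o: Claims): string => Buffer.from(JSON.stringify(o)).toString("base64url");
const dec = (s: string): Claims => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));
const mac = (input: string, key: string) => createHmac("sha256", key).update(input).digest();

// Build an HS256-signed token by hand; used only to construct sample input.
function signHs256(header: Claims, payload: Claims, key: string): string {
  const input = `${enc(header)}.${enc(payload)}`;
  return `${input}.${mac(input, key).toString("base64url")}`;
}

// Verify in this order: pin the algorithm, check the MAC, then read the claims.
function verifyHs256(jwt: string, key: string, nowSec: number = Math.floor(Date.now() / 1000)): Claims {
  const parts = jwt.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, sig] = parts;
  // The accepted algorithm is fixed by the verifier, not chosen by the token header.
  if (dec(h).alg !== "HS256") throw new Error("unexpected alg");
  const expected = mac(`${h}.${p}`, key);
  const given = Buffer.from(sig, "base64url");
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new Error("signature mismatch");
  }
  // Claims are parsed only after the signature has been accepted.
  const claims = dec(p);
  if (typeof claims.exp === "number" && claims.exp <= nowSec) throw new Error("token expired");
  return claims;
}

// Returns "ok" or the reason the token was rejected.
function outcome(jwt: string, key: string, nowSec: number): string {
  try { verifyHs256(jwt, key, nowSec); return "ok"; }
  catch (e) { return (e as Error).message; }
}

// Constructed sample values (fixed clock so the results are reproducible).
const NOW = 1_700_000_000;
const good = signHs256({ alg: "HS256", typ: "JWT" }, { iss: "deno-demo", exp: NOW + 300 }, "secret-key");
const otherAlg = signHs256({ alg: "HS512", typ: "JWT" }, { iss: "deno-demo", exp: NOW + 300 }, "secret-key");
console.log(outcome(good, "secret-key", NOW), "|", outcome(good, "wrong-key", NOW), "|",
  outcome(good, "secret-key", NOW + 301), "|", outcome(otherAlg, "secret-key", NOW));
```
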