need some real world examples

[ralyodio]

All the tutorials out there I could find seem to use an outdated api for djwt.

I'm looking to just authetnicate a user upon login and validate them for authorized api calls.

[ausgomez]

Hi ,

I have created a very simple Auth Deno Api using this same repo and some other tools.
It includes some examples on how to login, register and use your JWT token to do some requests

https://github.com/Anstroy/deno-api/

I invite you to take a look at it, I am updating some of the README.md file for documentation,
let me know if you have any questions about it.

Thanks

[authcompanion]

Check out https://github.com/authcompanion/authcompanion - recently updated for the latest djwt apis

[transtone]

please add a importKey example:

const key = await crypto.subtle.importKey(
  "raw",
  new TextEncoder().encode("your secret string"),
  { name: "HMAC", hash: "SHA-256" },
  true,
  ["sign", "verify"],
)

[timonson]

@transtone if this is not enough you can find other examples here or on mdn.

[transtone]

for someone who not know much about decode/encode/base64/cryptokey etc like me,
can't find a way to get binaryDer in https://github.com/timonson/djwt/blob/master/examples/pkcs8_storing.ts#L19

a fine example like https://jwt.io does is very nice.

[KaKi87]

Switching from this :

import {
    create,
    verify
} from 'https://deno.land/x/[email protected]/mod.ts';

export const
    signJwt = async (
        data,
        secret
    ) => await create(
        {
            alg: 'HS256',
            typ: 'JWT'
        },
        data,
        secret
    ),
    verifyJwt = async (
        jwt,
        secret
    ) => await verify(
        jwt,
        secret,
        'HS256'
    );

To this :

import {
    create,
    verify
} from 'https://deno.land/x/[email protected]/mod.ts';

const
    cryptoArgs = [
        { name: 'HMAC', hash: 'SHA-256' },
        true,
        ['sign', 'verify']
    ],
    keyToSecret = async key => (await crypto.subtle.exportKey(
        'jwk',
        key
    )).k,
    secretToKey = secret => crypto.subtle.importKey(
        'raw',
        new TextEncoder().encode(secret),
        ...cryptoArgs
    );

export const
    generateSecret = async () => await keyToSecret(await crypto.subtle.generateKey(...cryptoArgs)),
    signJwt = async (
        data,
        secret
    ) => await create(
        {
            alg: 'HS256',
            typ: 'JWT'
        },
        data,
        await secretToKey(secret)
    ),
    verifyJwt = async (
        jwt,
        secret
    ) => await verify(
        jwt,
        await secretToKey(secret)
    );

took me much more time than it would have if all of those methods were documented on the README.

Also, PR #54, which introduced those changes, should have been released as a new major version according to article 8 of SemVer specification :

Major version X (X.y.z | X > 0) MUST be incremented if any backwards incompatible changes are introduced to the public API.

Thanks

[timonson]

took me much more time than it would have if all of those methods were documented on the README

PRs are welcome!

should have been released as a new major version

Good point, thank you!