Join us on the demo, while our product experts provide a detailed walkthrough of our enterprise platform.

How to create and validate JSON Web Tokens in Deno

In this blog, we’ll see how to create and validate a JWT(JSON Web Token) in Deno. For this, we’ll be using djwt, the absolute minimum library to make JSON Web…

Puneet Singh
Puneet Singh
July 10, 2020
3 min read

In this blog, we’ll see how to create and validate a JWT(JSON Web Token) in Deno. For this, we’ll be using djwt, the absolute minimum library to make JSON Web Tokens in deno and Oak framework

Before You Get Started

This tutorial assumes you have:

  • A basic understanding of JavaScript and Deno
  • Latest Deno version installed on your system

What is JWT?

JSON Web Token is an internet standard used to create tokens for an application. These tokens hold JSON data and are cryptographically signed.

Here is how a sample Json Web Token looks like

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Im9sYXR1bmRlZ2FydWJhQGdtYWlsLmNvbSIsIm

JWT is a good way of securely sending information between parties. Because JWTs can be signed—for, you can be sure the senders are who they say they are. And, as the signature is generated using the header and the payload, you can also verify that the content hasn't been tampered with.

JWT can contain user information in the payload and also can be used in the session to authenticate the user.

If you want to know more about JSON Web Token, We have a very good article about it.

How to generate JWT token in Deno

First, let's set up a Deno server to accept requests, for it, we are using Oak framework, it is quite simple and few lines of codes as you can see below.

// index.ts
import { Application, Router } from "https://deno.land/x/oak/mod.ts";

const router = new Router();
router
  .get("/", (context) => {
    context.response.body = "JWT Example!";
  })

const app = new Application();
app.use(router.routes());
app.use(router.allowedMethods());

await app.listen({ port: 8000 });

Once our program is ready for accepting request Let's import djwt functions to generate JWT token, In below code we can use a secret key, expiry time for JWT token in 1 hour from the time program will run and we are using HS256 algorithm.

Add the below code in index.ts and update the router as shown below, you can now get a brand new token on http://localhost:8000/generate

// index.ts
...

import { makeJwt, setExpiration, Jose, Payload } from "https://deno.land/x/djwt/create.ts";

const key = "secret-key";
const payload: Payload = {
  iss: "Jon Doe",
  exp: setExpiration(new Date().getTime() + 60000),
};
const header: Jose = {
  alg: "HS256",
  typ: "JWT",
};


const router = new Router();
router
  .get("/", (context) => {
    context.response.body = "JWT Example!";
  })
  .get("/generate", (context) => {
    context.response.body = makeJwt({ header, payload, key }) + "\n";
  })

...

Validating a JWT token

Once you get a JWT token you can validate the token by validateJwt function in djwt, let us import the validateJwt and add one more route /validate/:token

Now you can verify any token by passing it to a route like - http://localhost:8000/validate/jwt_token (jwt_token is a placeholder, please replace it with a real JWT token)

// index.ts
...

import { validateJwt } from "https://deno.land/x/djwt/validate.ts";

...

router
  .get("/", (context) => {
    context.response.body = "JWT Example!";
  })
  .get("/generate", (context) => {
    context.response.body = makeJwt({ header, payload, key }) + "\n";
  })
  .get("/validate/:token", async (context) => {
    if ( context.params && context.params.token && (await validateJwt(context.params.token, key)).isValid) {
      context.response.body = "Valid JWT\n";
    } else {
      context.response.body = "Invalid JWT\n";
    }
  });

...

Now you know how to generate and verify a JWT token in Deno, you can easily use it in your application, The complete source code used in this blog can be found in this Github Repo



LoginRadius Docs

Implement Authentication in Minutes

click here

Most Popular Tags

EngineeringJavaScriptNodeJSCSSSecurityReactOAuthSocialLoginGoAuthentication

Are your customers safe on your application?

According to Forbes, data breaches exposed 4.1 billion records in the first six months of 2019. If this gets you worried, we’ve got your back!

LoginRadius protects your customers’ identities. We provide world-class security for your customers during login, registration, password setup, and any other data touchpoints, and make sure that their data is safe. We do so through by offering open source SDKs, integrations with over 150 third party applications, pre-designed and customizable login interfaces, and best-in-class data security products such as MFA, RBA, and Advanced Password Policies. The platform is already loved by over 3,000 businesses with a monthly reach of 1.17 billion users worldwide.Secure Your Application Now

Puneet Singh

Puneet Singh

Very curious about this world and blogging whenever learning something new

View Profile

Try a Modern Authentication Solution

$0/ month

Free Sign Up
  • 5,000 MAU
  • 1 Web or mobile app
  • Standard login
  • 3 Social Login Providers
  • Transactional Email Template
  • Customizable Login Interfaces