In this blog, we’ll see how to create and validate a JWT(JSON Web Token) in Deno. For this, we’ll be using djwt, the absolute minimum library to make JSON Web Tokens in deno and Oak framework
Before You Get Started
This tutorial assumes you have:
- A basic understanding of JavaScript and Deno
- Latest Deno version installed on your system
What is JWT?
JSON Web Token is an internet standard used to create tokens for an application. These tokens hold JSON data and are cryptographically signed.
Here is how a sample Json Web Token looks like
1eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Im9sYXR1bmRlZ2FydWJhQGdtYWlsLmNvbSIsImJWT is a good way of securely sending information between parties. Because JWTs can be signed—for, you can be sure the senders are who they say they are. And, as the signature is generated using the header and the payload, you can also verify that the content hasn't been tampered with.
JWT can contain user information in the payload and also can be used in the session to authenticate the user.
Know more about JSON Web Token.
How to generate JWT token in Deno
First, let's set up a Deno server to accept requests, for it, we are using Oak framework, it is quite simple and few lines of codes as you can see below.
1// index.ts
2import { Application, Router } from "https://deno.land/x/oak/mod.ts";
3const router = new Router();
4router
5.get("/", (context) => {
6context.response.body = "JWT Example!";
7})
8const app = new Application();
9app.use(router.routes());
10app.use(router.allowedMethods());
11await app.listen({ port: 8000 });Once our program is ready for accepting request Let's import djwt functions to generate JWT token, In below code we can use a secret key, expiry time for JWT token in 1 hour from the time program will run and we are using HS256 algorithm.
Add the below code in index.ts and update the router as shown below, you can now get a brand new token on http://localhost:8000/generate
1// index.ts
2...
3import { makeJwt, setExpiration, Jose, Payload } from "https://deno.land/x/djwt/create.ts";
4const key = "secret-key";
5const payload: Payload = {
6iss: "Jon Doe",
7exp: setExpiration(new Date().getTime() + 60000),
8};
9const header: Jose = {
10alg: "HS256",
11typ: "JWT",
12};
13const router = new Router();
14router
15.get("/", (context) => {
16context.response.body = "JWT Example!";
17})
18.get("/generate", (context) => {
19context.response.body = makeJwt({ header, payload, key }) + "\n";
20})
21...Validating a JWT token
Once you get a JWT token you can validate the token by validateJwt function in djwt, let us import the validateJwt and add one more route /validate/:token
Now you can verify any token by passing it to a route like - http://localhost:8000/validate/jwt_token (jwt_token is a placeholder, please replace it with a real JWT token)
1// index.ts
2...
3import { validateJwt } from "https://deno.land/x/djwt/validate.ts";
4...
5router
6.get("/", (context) => {
7context.response.body = "JWT Example!";
8})
9.get("/generate", (context) => {
10context.response.body = makeJwt({ header, payload, key }) + "\n";
11})
12.get("/validate/:token", async (context) => {
13if ( context.params && context.params.token && (await validateJwt(context.params.token, key)).isValid) {
14context.response.body = "Valid JWT\n";
15} else {
16context.response.body = "Invalid JWT\n";
17}
18});
19...Now you know how to generate and verify a JWT token in Deno, you can easily use it in your application, The complete source code used in this blog can be found in this Github Repo
