CODEWITHSUNDEEP
javascriptnode.jsexpressjwt
coder
coder

Reputation: 538

How to expire token in jwt-simple?

I just implemented jwt-simple,on my backend in nodejs.i want to expire token by given time. 

 var jwt = require('jwt-simple');
    Schema.statics.encode = (data) => {
    return JWT.encode(data, CONSTANT.ADMIN_TOKEN_SECRET, 'HS256');
};
Schema.statics.decode = (data) => {
    return JWT.decode(data, CONSTANT.ADMIN_TOKEN_SECRET);
};

how to add expires time in jwt-simple

Upvotes: 4

Views: 8906

Answers (5)

Chintan7027
Chintan7027

Reputation: 7625

To be more precise, add exp attribute in your data object where exp is expiry time in unix format.

e.g.

var data = {"data":["some data"],exp:16872131302}
var jwt = require('jwt-simple');
    Schema.statics.encode = (data) => {
    return JWT.encode(data, CONSTANT.ADMIN_TOKEN_SECRET, 'HS256');
};
Schema.statics.decode = (data) => {
     return JWT.decode(data, CONSTANT.ADMIN_TOKEN_SECRET);
};

Upvotes: 1

Stan Luo
Stan Luo

Reputation: 3889

There is no default exp. Two ways you can add it mannually:

  1. With plain js:

    iat: Math.round(Date.now() / 1000), exp: Math.round(Date.now() / 1000 + 5 * 60 * 60)

  2. With moment.js:

    iat: moment().unix(), exp: moment().add(5, 'hours').unix()

Source from original Github repository.

Upvotes: 5

miguelaeh
miguelaeh

Reputation: 101

You can use the exp field in the payload before calling the create function and for example you can use moment to get the time and add whatever you want. If you want to check if the token is expired or other type of error you can use jwt-simple-error-identify instead.

In his documentation there is an example of that.
https://www.npmjs.com/package/jwt-simple-error-identify

Upvotes: 0

Caio Santos
Caio Santos

Reputation: 1

Use jsonwebtoken instead.

https://github.com/auth0/node-jsonwebtoken

const jwt = require(`jsonwebtoken`)

const token = jwt.sign({
  data: 'foobar'
}, 'secret', { expiresIn: '1h' });

Upvotes: 0

David Alexander Linares Villam
David Alexander Linares Villam

Reputation: 21

You can validate your token with a expirate date in the passport Strategy function, like this: 

passport.use(new JwtStrategy(opts, function(jwt_payload, done){
    User.find({id: jwt_payload.id}, function(err, user){
        if (err) {
            return done(err, false, {message: "Incorrect Token!!"});
        }
        if (user) {
            if (user[0].token_expiration_date <= Date.now()){
                return done(null, false, {message: "Expired Token"});
            }else{
                return done(null, user);
            }
        }else{
            return done(null, false, {message: "Incorrect Token"});
        }

    });
}));

Hope that this can help you.

Upvotes: 1

Related Questions