Added nbf and exp support

2021-05-23 22:41:35 +02:00
parent e34e1aedab
commit 8d9f70ca36
3 changed files with 80 additions and 45 deletions
--- a/README.md
+++ b/README.md
@@ -6,6 +6,7 @@ A lightweight JWT implementation with ZERO dependencies for Cloudflare Workers.

 - [Install](#install)
 - [Usage](#usage)
+- [Examples](#examples)

 ## Install

@@ -15,21 +16,6 @@ npm i @tsndr/cloudflare-worker-jwt

 ## Usage

-### Simple Example
-
-```javascript
-const jwt = require('@tsndr/cloudflare-worker-jwt')
-
-// Creating a token
-const token = jwt.sign({ name: 'John Doe', email: 'john.doe@gmail.com' }, 'secret')
-
-// Verifing token
-const isValid = jwt.verify(token, 'secret')
-
-// Decoding token
-const payload = jwt.decode(token)
-```
-
 <hr>

 ### `jwt.sign(payload, secret, [algorithm])`
@@ -40,7 +26,7 @@ Signs a payload and returns the token.

 Argument    | Type     | Satus    | Default | Description
 ----------- | -------- | -------- | ------- | -----------
-`payload`   | `object` | required | -       | The payload object
+`payload`   | `object` | required | -       | The payload object. To use `nbf` (Not Before) and/or `exp` (Expiration Time) add `nbf` and/or `exp` to the payload.
 `secret`    | `string` | required | -       | A string which is used to sign the payload.
 `algorithm` | `string` | optional | `HS256` | The algorithm used to sign the payload, possible values: `HS256` or `HS512`

@@ -60,17 +46,58 @@ Argument    | Type     | Satus    | Default | Description
 `algorithm` | `string` | optional | `HS256` | The algorithm used to sign the payload, possible values: `HS256` or `HS512`

 #### `return`
-returns `boolean`
+Returns `true` if signature, `nbf` (if set) and `exp` (if set) are valid, otherwise returns `false`. 

 <hr>

 ### `jwt.decode(token)`

-Returns the payload without verifying the integrity of the token.
+Returns the payload **without** verifying the integrity of the token. Please use `jwt.verify()` first to keep your application secure!

 Argument    | Type     | Satus    | Default | Description
 ----------- | -------- | -------- | ------- | -----------
 `token`     | `string` | required | -       | The token string generated by `jwt.sign()`.

 #### `return`
-returns payload `object`
+Returns payload `object`.
+
+## Examples
+
+### Basic Example
+
+```javascript
+async () => {
+    const jwt = require('@tsndr/cloudflare-worker-jwt')
+
+    // Creating a token
+    const token = await jwt.sign({ name: 'John Doe', email: 'john.doe@gmail.com' }, 'secret')
+
+    // Verifing token
+    const isValid = await jwt.verify(token, 'secret')
+
+    // Decoding token
+    const payload = jwt.decode(token)
+}
+```
+
+### Restrict Timeframe
+
+```javascript
+async () => {
+    const jwt = require('@tsndr/cloudflare-worker-jwt')
+
+    // Creating a token
+    const token = await jwt.sign({
+        name: 'John Doe',
+        email: 'john.doe@gmail.com',
+        nbf: Math.floor(Date.now() / 1000) + (60 * 60),      // Not before: Now + 1h
+        exp: Math.floor(Date.now() / 1000) + (2 * (60 * 60)) // Expires: Now + 2h
+    }, 'secret')
+
+    // Verifing token
+    const isValid = await jwt.verify(token, 'secret') // false
+
+    // Decoding token
+    const payload = jwt.decode(token) // { name: 'John Doe', email: 'john.doe@gmail.com', ... }
+}
+```