Comprehensive Guide to `fastify-jwt` A Powerful JWT Plugin for Fastify

Posted on by vero

Welcome to the Comprehensive Guide to `fastify-jwt`

The `fastify-jwt` plugin simplifies the process of managing JSON Web Tokens (JWT) in Fastify applications. This guide introduces the `fastify-jwt` plugin, explains its APIs with helpful code snippets, and shares a practical app example using these APIs. By the end, you should have a solid understanding of how to integrate and use JWT with your Fastify applications.

Getting Started with `fastify-jwt`

To begin, install `fastify` and `fastify-jwt`:

  npm install fastify fastify-jwt

Registering the Plugin

First, register the `fastify-jwt` plugin with your Fastify instance:

  const fastify = require('fastify')(); fastify.register(require('fastify-jwt'), {
  secret: 'supersecret'
});

Creating a JWT

Use the `sign` API to create a new JWT:

  fastify.post('/login', async (request, reply) => {
  const token = fastify.jwt.sign({ userId: 1 });
  return { token };
});

Verifying a JWT

Use the `verify` API to verify an existing JWT:

  fastify.get('/private', async (request, reply) => {
  try {
    await request.jwtVerify();
    return { message: 'You have access!' };
  } catch (err) {
    reply.send(err);
  }
});

Decoding a JWT

Use the `decode` API to decode a JWT without verifying:

  fastify.get('/decode', async (request, reply) => {
  const token = request.headers.authorization.split(' ')[1];
  const decoded = fastify.jwt.decode(token);
  return { decoded };
});

Full Example: Fastify App with JWT Authentication

Here’s a complete Fastify application demonstrating login, access to private routes, and decoding JWTs:

  const fastify = require('fastify')(); fastify.register(require('fastify-jwt'), {
  secret: 'supersecret'
});
fastify.post('/login', async (request, reply) => {
  const token = fastify.jwt.sign({ userId: 1 });
  return { token };
});
fastify.get('/private', async (request, reply) => {
  try {
    await request.jwtVerify();
    return { message: 'You have access!' };
  } catch (err) {
    reply.send(err);
  }
});
fastify.get('/decode', async (request, reply) => {
  const token = request.headers.authorization.split(' ')[1];
  const decoded = fastify.jwt.decode(token);
  return { decoded };
});
fastify.listen(3000, err => {
  if (err) throw err;
  console.log('Server running at http://localhost:3000/');
});

Conclusion

The `fastify-jwt` plugin provides a powerful and efficient way to handle JWTs in Fastify applications. By utilizing the APIs introduced, you can easily create, verify, and decode JWTs for robust authentication and authorization. We hope this guide has helped you get started with `fastify-jwt` and provided useful examples to integrate into your Fastify projects.

Hash: dbc8d36074bc6828d85c90e32213d957f2c4e289d29f36abf3016249db3afadd

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts