# JWT
(opens new window) 
(opens new window)
npm install @feathersjs/authentication --save
The JWTStrategy is an authentication strategy included in @feathersjs/authentication for authenticating JSON web token service methods calls and HTTP requests, e.g.
{
"strategy": "jwt",
"accessToken": "<your JWT>"
}
# Options
header(default:'Authorization'): The HTTP header containing the JWTschemes(default:[ 'Bearer', 'JWT' ]): An array of schemes to support
The default settings support passing the JWT through the following HTTP headers:
Authorization: <your JWT>
Authorization: Bearer <your JWT>
Authorization: JWT <your JWT>
Standard JWT authentication can be configured with those options in config/default.json like this:
{
"authentication": {
"jwt": {}
}
}
Note: Since the default options are what most clients expect for JWT authentication they usually don't need to be customized.
# JwtStrategy
# getEntity(id, params)
jwtStrategy.getEntity(id, params) returns the entity instance for id, usually entityService.get(id, params). It will not be called if entity in the authentication configuration is set to null.
# authenticate(data, params)
jwtStrategy.authenticate(data, params) will try to verify data.accessToken by calling the strategies authenticationService.verifyAccessToken.
Returns a promise that resolves with the following format:
{
[entity],
accessToken,
authentication: {
strategy: 'jwt',
payload
}
}
Note: Since the JWT strategy returns an
accessTokenproperty (the same as the token sent to this strategy), that access token will also be returned by authenticationService.create instead of creating a new one.
# getEntityQuery(params)
Returns the query to use when calling entityService.get (default: {}).
# parse(req, res)
Parse the HTTP request headers for JWT authentication information. Returns a promise that resolves with either null or data in the form of:
{
strategy: '<strategy name>',
accessToken: '<access token from HTTP header>'
}