Vals using jsonwebtoken

Authentication middleware Guards your public http vals behind a login page. This val use a json web token stored as an http-only cookie to persist authentication. Usage Set an AUTH_SECRET_KEY env variable (used to sign/verify jwt tokens). Use an API token to authenticate. import { auth } from "https://esm.town/v/pomdtr/auth_middleware"; async function handler(req: Request): Promise<Response> { return new Response("You are authenticated!"); } export default auth(handler); See @pomdtr/test_auth for an example ⚠️ Make sure to only provides your api token to vals you trust (i.e. your own), as it gives access to your whole account.

Authentication middleware Guards your public http vals behind a login page. This val use a json web token stored as an http-only cookie to persist authentication. Usage Set an AUTH_SECRET_KEY env variable (used to sign/verify jwt tokens) to a random string . Then use an API token to authenticate. import { auth } from "https://esm.town/v/pomdtr/auth_middleware"; async function handler(req: Request): Promise<Response> { return new Response("You are authenticated!"); } export default auth(handler); See @pomdtr/test_auth for an example ⚠️ Make sure to only provides your api token to vals you trust (i.e. your own), as it gives access to your whole account.

assertBearerToken This val can be used to assert that a valid bearer token exists and has been signed by the secret provided. Example const handler = (req, res) => { const authorization = req.get('authorization'); // throws if invalid const token = @neverstew.assertBearerToken(@me.secrets.superSecret, authorization); res.json(token); }