diff --git a/LICENSE b/LICENSE index 9b533a7..8244556 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2014 Anatoly +Copyright (c) 2014 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file +SOFTWARE. diff --git a/README.md b/README.md index c709742..fb32052 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ luajwt JSON Web Tokens for Lua ```bash -# luarocks install --server=http://rocks.moonscript.org luajwt +$ sudo luarocks install --server=http://rocks.moonscript.org luajwt ``` ## Usage 
@@ -12,51 +12,57 @@ JSON Web Tokens for Lua Basic usage: ```lua -local luajwt = require "luajwt" +local jwt = require "luajwt" local key = "example_key" -local claim = { +local payload = { iss = "12345678", - nbf = 1405108000, + nbf = os.time(), exp = os.time() + 3600, } -local alg = "HS256" -- (default: HS256) -local token, err = luajwt.encode(claim, key, alg) +-- encode +local alg = "HS256" -- (default) +local token, err = jwt.encode(payload, key, alg) --- Token: (linebreaks added for readability) ---[[ eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIxMjM0NTY3OC -IsIm5iZiI6MTQwNTEwODAwMCwiZXhwIjoxNDA1MTgxOTE2fQ._Gvr99eMoi0mWxI -xWOIAexN7UXO06GbpnEgkxdQkeXQ ]]-- +-- token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIx(cutted)... -local validate = true -- validate exp and nbf (default: true) -local decoded, err = luajwt.decode(token, key, validate) +-- decode and validate +local validate = true -- validate signature, exp and nbf (default: true) +local decoded, err = jwt.decode(token, key, validate) + +-- decoded: { ["iss"] = 12345678, ["nbf"] = 1405108000, ["exp"] = 1405181916 } + +-- only decode +local unsafe, err = jwt.decode(token) + +-- unsafe: { ["iss"] = 12345678, ["nbf"] = 1405108000, ["exp"] = 1405181916 } --- Decoded: { ["iss"] = 12345678, ["nbf"] = 1405108000, ["exp"] = 1405181916 } ``` -An openresty/ngx_lua example: +An openresty/nginx lua jwt auth example: ``` +# nginx.conf location /auth { content_by_lua ' - local luajwt = require "luajwt" + local jwt = require "luajwt" local args = ngx.req.get_uri_args(1) if not args.jwt then - ngx.say("Undefined token") - return + + return ngx.say("Where is token?") end - local key = "SECRET_PASSWORD" + local key = "SECRET" - local ok, err = luajwt.decode(args.jwt, key) + local ok, err = jwt.decode(args.jwt, key) if not ok then - ngx.say("Error: ", err) - return + + return ngx.say("Error: ", err) end ngx.say("Welcome!") 
@@ -67,7 +73,7 @@ location /auth { Generate token and try: ```bash -curl your.server/auth?jwt=TOKEN +$ curl your.server/auth?jwt=TOKEN ``` ## Algorithms diff --git a/example.lua b/example.lua index 25f7f10..d2e1eda 100755 --- a/example.lua +++ b/example.lua @@ -15,24 +15,22 @@ local function t2s(o) end -- -local luajwt = require "luajwt" +local JWT = require "luajwt" local key = "example_key" local claim = { iss = "12345678", - nbf = 1405108000, + nbf = os.time(), exp = os.time() + 3600, } local alg = "HS256" -- default alg -local token, err = luajwt.encode(claim, key, alg) +local token, err = JWT.encode(claim, key, alg) -print("Token:") -print(token, err, "\n") +print("Token:", token) local validate = true -- validate exp and nbf (default: true) -local decoded, err = luajwt.decode(token, key, validate) +local decoded, err = JWT.decode(token, key, validate) -print("Claim:") -print(t2s(decoded), err) +print("Claim:", t2s(decoded) ) diff --git a/luajwt-1.2-2.rockspec b/luajwt-1.3-1.rockspec similarity index 93% rename from luajwt-1.2-2.rockspec rename to luajwt-1.3-1.rockspec index cdf55f4..7229672 100644 --- a/luajwt-1.2-2.rockspec +++ b/luajwt-1.3-1.rockspec @@ -1,9 +1,9 @@ package = "luajwt" -version = "1.2-2" +version = "1.3-1" source = { url = "git://github.com/x25/luajwt", - tag = "v1.2" + tag = "v1.3" } description = { diff --git a/luajwt.lua b/luajwt.lua index d0f7ccc..aa011e3 100644 --- a/luajwt.lua +++ b/luajwt.lua @@ -57,9 +57,9 @@ local function tokenize(str, div, len) return result end -local luajwt = {} +local M = {} -function luajwt.encode(data, key, alg) +function M.encode(data, key, alg) if type(data) ~= 'table' then return nil, "Argument #1 must be table" end if type(key) ~= 'string' then return nil, "Argument #2 must be string" end 
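Review bot: In the example.lua hunk, `err` is still assigned from `JWT.encode` and `JWT.decode` but is no longer printed or checked, so a failed encode or a rejected token shows only `Token:` / `Claim:` and whatever `t2s` does with nil (its body is outside the hunk). Examples tend to be copied into real handlers, so check the result before using it, e.g. `if not decoded then print("Error:", err) return end` ahead of the `print("Claim:", ...)` line. The unchanged comment `-- validate exp and nbf (default: true)` also omits that the signature is checked, which the README hunk of this same commit now states.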
@@ -85,13 +85,10 @@ function luajwt.encode(data, key, alg) return table.concat(segments, ".") end -function luajwt.decode(data, key, verify) +function M.decode(data, key, verify) + if key and verify == nil then verify = true end if type(data) ~= 'string' then return nil, "Argument #1 must be string" end - if type(key) ~= 'string' then return nil, "Argument #2 must be string" end - - if verify == nil then - verify = true - end + if verify and type(key) ~= 'string' then return nil, "Argument #2 must be string" end local token = tokenize(data, '.', 3) @@ -109,7 +106,7 @@ function luajwt.decode(data, key, verify) end) if not ok then - return nil, "Invalid token data" + return nil, "Invalid json" end if verify then @@ -123,15 +120,15 @@ function luajwt.decode(data, key, verify) end if body.exp and os.time() >= body.exp then - return nil, "Invalid exp value" + return nil, "Invalid exp" end if body.nbf and os.time() < body.nbf then - return nil, "Invalid nbf value" + return nil, "Invalid nbf" end end return body end -return luajwt +return M
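Review bot: The new first line of `M.decode`, `if key and verify == nil then verify = true end`, ties verification to `key` being non-nil, so `jwt.decode(token, key)` with a `key` that turns out to be nil (missing config value, unset environment variable) returns the claims with no signature, exp or nbf check and no error. The added type check `if verify and type(key) ~= 'string' ...` has the same gap, because it is skipped whenever `verify` is left nil. Keeping the default closed and making decode-only an explicit opt-out avoids this: `if verify == nil then verify = true end`, then the `verify and type(key) ~= 'string'` check as written, with the unverified form spelled `jwt.decode(token, nil, false)`. The body of `M.decode` continues beyond this hunk.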