Skip to content

raksbisht/is-jwt-token

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

is-jwt-token

A lightweight utility to validate JWT (JSON Web Token) format. This package provides a single function to quickly check if a string is a properly formatted JWT token.

Features

  • Zero dependencies - Lightweight and secure
  • Single function - Simple and focused API
  • Fast validation - Optimized for performance
  • TypeScript friendly - Works with TypeScript projects
  • Comprehensive validation - Validates structure, encoding, and JSON format
  • Production ready - Thoroughly tested

Installation

npm install is-jwt-token

Usage

const isJWT = require('is-jwt-token');

// Valid JWT token
const validToken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';

console.log(isJWT(validToken)); // true

// Invalid tokens
console.log(isJWT('invalid.token')); // false
console.log(isJWT('not-a-token')); // false
console.log(isJWT(null)); // false
console.log(isJWT('')); // false
console.log(isJWT('   ')); // false (whitespace only)

API

isJWT(token)

Validates if a string is a properly formatted JWT token.

Parameters:

  • token (any): The token to validate

Returns: boolean - True if token is valid JWT format, false otherwise

Examples

Basic Usage

const isJWT = require('is-jwt-token');

const userToken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.abc123';

if (isJWT(userToken)) {
  console.log('Valid JWT token format');
  // Proceed with token verification using other libraries
} else {
  console.log('Invalid token format');
}

Express.js Middleware

const isJWT = require('is-jwt-token');

function validateJWTFormat(req, res, next) {
  const authHeader = req.headers.authorization;
  const token = authHeader?.startsWith('Bearer ') 
    ? authHeader.substring(7) 
    : null;
  
  if (!isJWT(token)) {
    return res.status(400).json({ 
      error: 'Invalid JWT token format' 
    });
  }
  
  req.token = token;
  next();
}

app.use('/api/protected', validateJWTFormat);

Input Validation

const isJWT = require('is-jwt-token');

function processToken(userInput) {
  if (!isJWT(userInput)) {
    throw new Error('Invalid JWT format');
  }
  
  // Continue with signature verification, etc.
  return verifyTokenSignature(userInput);
}

What This Package Validates

Token structure - Ensures exactly 3 parts separated by dots
Base64url encoding - Validates proper encoding of each part
JSON format - Ensures header and payload are valid JSON
Required fields - Checks header contains 'alg' property
Edge cases - Handles null, undefined, empty strings, whitespace

What This Package Does NOT Do

Signature verification - Does not verify cryptographic signatures
Token generation - Does not create JWT tokens
Expiration checking - Does not validate exp claims
Claim validation - Does not validate token claims

Note: This package only validates JWT format. For complete JWT functionality including signature verification, use libraries like jsonwebtoken.

License

MIT

About

A lightweight utility to validate JWT (JSON Web Token) format. This package provides a single function to quickly check if a string is a properly formatted JWT token.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Contributors

Languages