jwt-transform is a simple utility tool for your transforming a real jwt token into a fake jwt token, because if you store jwt token into a cookie or local storage very unsafe, your jwt token can be seen data using jwt.io website or chrome extension, if you use jwt-transform you real jwt token cannot seen using jwt.io website or chrome extension, because what you save is fake jwt token, you can get back real jwt token using decrypt method for parse fake jwt token.
npm install jwt-transform -S or yarn add jwt-transform -S-
encrypt jwt token using caesar cipher cryptography from real jwt token into fake jwt token
-
decrypt jwt token using caesar cipher cryptography from fake jwt token into real jwt token
Follow this express tutorial for example usage using express, make this as middleware for transform your fake jwt token to real token, because jwt .verify need real token, if you pass fake token jwt.verify identification your token is not valid and if you not using express, make this as middleware.
-
const { JwtTransform } = require('jwt-transform') const secretKey = 'ptLDDOU5ejqqLjlk4CpSNxvwZVxQFRmF' const accessToken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' const resultEncrypt = JwtTransform.transform(secretKey, accessToken, secretKey.length) console.log(resultEncrypt) // fake jwt token // kePnhMioUoPOAfO1ToOyOtX5iIO6OqvDBIP9.kePfjCOoUoOdSpS0TZE3UJqcOocohsLzFYO6OqvbgM4mXM9rOocogCL0OpudTZK2SpS5SJOelWvzRJJUA5kpwwRprq4IvYTdbcFBdWLXsL.YlrQdcXPYSkQQL2WZ4lcvSkPl36VUq6ePB_gjWyyc5i const resultDecrypt = JwtTransform.untransform(secretKey, resultEncrypt, secretKey.length) console.log(resultDecrypt) // real jwt token // eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
-
import { JwtTransform } from 'jwt-transform' const secretKey = 'ptLDDOU5ejqqLjlk4CpSNxvwZVxQFRmF' const accessToken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c' const resultEncrypt = JwtTransform.transform(secretKey, accessToken, secretKey.length) console.log(resultEncrypt) // fake jwt token // kePnhMioUoPOAfO1ToOyOtX5iIO6OqvDBIP9.kePfjCOoUoOdSpS0TZE3UJqcOocohsLzFYO6OqvbgM4mXM9rOocogCL0OpudTZK2SpS5SJOelWvzRJJUA5kpwwRprq4IvYTdbcFBdWLXsL.YlrQdcXPYSkQQL2WZ4lcvSkPl36VUq6ePB_gjWyyc5i const resultDecrypt = JwtTransform.untransform(secretKey, resultEncrypt, secretKey.length) console.log(resultDecrypt) // real jwt token // eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
-
Testing Via Local
npm test or make test
-
Testing Via Local And Build
make build
-
Testing Via Docker
docker build -t jwt-transform or make dkb tag=jwt-transform
For information on bugs related to package libraries, please visit here
Want to make jwt-transform more perfect ? Let's contribute and follow the contribution guide.