fastjwt

Release 2.0.1

A Simple and fast D implementation of JSON Web Tokens

Repository Dub D

Keywords
application, web, library, vibed, auth, optimized_cpu, dlang, jwt, user-auth, viber
License
Other
Install
dub fetch fastjwt --version 2.0.1

Documentation

FastJWT

Dub version

FastJWT is a very fast, vibe.d focused Json Web Token (JWT) implementation that tries to avoid the use of the GC. If the the JWT is shorter than 512 charaters no memory will be allocated. If it is longer the memory will be automatically allocated and free by the used StringBuffer.

Performance comparision with LDC calling encode/decode 50000 times: https://github.com/burner/dlang_jwt_benchmark

fastjwt : 309 ms, 474 μs, and 3 hnsecs

jwtd : 499 ms, 281 μs, and 9 hnsecs

jwt : 2 secs, 233 ms, 331 μs, and 3 hnsecs

Example

The following example shows an examplary use of the fastjwt library in combiation with vibe.d. To use the /secureapi endpoint the JWT created by the /login entpoint needs to be send to the in the request header in the authentication field with the Bearer prefix to.

import vibe.d;

import fastjwt.jwt;
import stringbuffer;

string secret = "SuperStrongPassword";
JWTAlgorithm algo = JWTAlgorithm.HS512;

shared static this()
{
	auto settings = new HTTPServerSettings;
	settings.port = 8080;
	settings.bindAddresses = ["::1", "127.0.0.1"];

	auto router = new URLRouter();
	router.get("/login", &login);
	router.get("/secureapi", &validator!securedApi);

	listenHTTP(settings, router);
	logInfo("Please open http://127.0.0.1:8080/ in your browser.");
}

// Get a new JWTToken
void login(HTTPServerRequest req, HTTPServerResponse res) {
	StringBuffer buf;
	encodeJWTToken(buf, algo, secret, "sub", 1337);
	res.writeBody(buf.getData());
}

// An example validator function that can be used as a template to custom
// validator function. See the router in the shared statis this for its usage.
void validator(alias fun)(HTTPServerRequest req,
		HTTPServerResponse res)
{
	import std.algorithm.searching : startsWith;

	auto authStr = "Authorization";
	auto bearer = "Bearer ";

	if(authStr !in req.headers || !req.headers[authStr].startsWith(bearer)) {
		res.writeBody("Get out, you're not welcome");
		return;
	}

	// Make sure that no reference of any StringBuffer do not escape, as their
	// stored data will be freed.
	StringBuffer header;
	StringBuffer payload;

	const rslt = decodeJWTToken(req.headers[authStr][bearer.length .. $],
			secret, algo, header, payload);

	if(rslt > 0) {
		res.writeBody("Your token was not OK");
		return;
	}

	//
	// Here you would parse payload into Json and see if you find the data
	// you were expecting
	//

	fun(req, res);
}

// If you JWTToken is not ok you cannot use this api.
void securedApi(HTTPServerRequest req, HTTPServerResponse res) {
	res.writeBody("Here is your secure api!");
}

Stats

Dependencies
2
Dependent packages
2
Dependent repositories
0
Total releases
7
Latest release
First release
Stars
4
Forks
3
Watchers
2
Contributors
3
Repository size
19.5 KB
SourceRank
9

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

2.0.1
2.0.0
1.1.1
1.1.0
1.0.0
0.0.2
0.0.1

Contributors

Robert Schadek Eliott phebert5009


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2024-04-24 01:02:59 UTC