Working with the JsonWebToken

• Overview
• An example of the token payload
• Generating the key pair
• An example of how to issue the token

Overview

We're using the JsonWebToken for user authentification. Here you can read more about this technology. You need to generate the RSA key pair, provide the public key to us, then issue and sign the JWT token with a specific payload for each user that you will forward to our verification SDK's.

An example of the token payload

{
    iss: 'yoursite', // issuer (merchant id)
    uid: 'uid123456', // user id
    iat: 1547556575863, // issued at (timestamp, number)
    exp: 1547556748663, // expiration date (timestamp, number)
    email: 'u*****[email protected]', // masked user email
    jti: '...', // additional technical data for profile decryption
    profile: { // encrypted string, given example shows decrypted profile data
        phone: {
            code: '38044',
            number: '1234567'
        },
        email: '[email protected]',
        registrationDate: '1532085830909', // timestamp, string
        registeredSystem: 'Facebook'
    }
}

Generating the key pair

openssl genrsa -out jwt-priv.key 2048
openssl rsa -in jwt-priv.key -pubout -out jwt-pub.key

An example of how to issue the token

const fs = require('fs');
const jwt = require('jsonwebtoken');

const secretKey = fs.readFileSync('./jwt-priv.key');
const publicKey = fs.readFileSync('./jwt-pub.key');

const payload = {
    uid: 'up12345', // userId
    profile: {
        email: '[email protected]',
        phone: {
            code: '38044',
            number: '1234567',
        },
    },
};
const options = {
    algorithm: 'RS256',
    issuer: 'yoursite', // merchantId
    expiresIn: '1d',
};

jwt.sign(payload, secretKey, options, (error, token) => {
    console.log('Token:', token, "\n");

    jwt.verify(token, publicKey, (error, data) => {
        console.log('Data:', data);
    });

});