Tags: MeStrak/passport-jwt
Tags
Version 4.0.0 Fixes mikenicholson#147 - Vulnerability due to dependency on jsonwebtoken 7.x.x
Version 3.0.0 Features mikenicholson#108 secretOrKey can be provided by a function evaluated on each request mikenicholson#113 Allow implemented to provide jwtOptions to pass additional options to jwt verifier Bug Fixes mikenicholson#118 Auth header scheme comparison is case insensitive
[Updated] v1.1.1 -> v1.2.1 New Features: mikenicholson#25 Added algorithms option to allow user to specify allowabe JWT signing algorithms. mikenicholson#13 Add ignoreExpiration option to allow user to skip validation of token's expiration date. Bug Fixes: mikenicholson#30 Fixed typos in unit test strings
[Update] v1.1.0 -> v1.1.1 Bug Fixes: mikenicholson#22 variable 'leaked' into global space mikenicholson#17 potential crash if request.url is missing token property Misc: Various README cleanups
[Update] v1.0.1 -> 1.1.0 Fixes security issue with old jsonwebtoken dependency https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/ Jwt can now be passed via query parameter.
PreviousNext