NAME

Dancer2::Plugin::JWT - JSON Web Token made simple for Dancer2

SYNOPSIS

use Dancer2;
use Dancer2::Plugin::JWT;

post '/login' => sub {
    if (is_valid(param("username"), param("password"))) {
       jwt { username => param("username") };
       template 'index';
    }
    else {
        redirect '/';
    }
};

get '/private' => sub {
    my $data = jwt;
    redirect '/ unless exists $data->{username};

    ...
};

hook 'plugin.jwt.jwt_exception' => sub {
    my $error = shift;
    # do something
};

DESCRIPTION

Registers the jwt keyword that can be used to set or retrieve the payload of a JSON Web Token.

To this to work it is required to have a secret defined in your config.yml file:

plugins:
   JWT:
       secret: "string or path to private RSA/EC key"
       # default, or others supported by Crypt::JWT
       alg: HS256
       # required only for JWE
       enc:
       # add issued at time (iat) field
       need_iat: 1
       # check not before field
       need_nbf: 1
       # in seconds
       need_exp: 600
       # timeshift for expiration
       need_leeway: 30
       # JWT cookie domain, in case you need to override it
       cookie_domain: my_domain.com
       # Attach Authorization header to HTTP response
       set_authorization_header: 0
       # Attach 'Access-Control-Expose-Headers: Authorization' header to HTTP response
       expose_authorization_header: 0
       # Attach Set-Cookie header to HTTP response
       set_cookie_header: 0
       # Attach Location header to HTTP response when response is 300-399
       # e.g. redirect
       set_location_header: 0

NOTE: A empty call (without arguments) to jwt will trigger the exception hook if there is no jwt defined.

NOTE: If you are using JWT to authenticate an API call to return, e.g. JSON, not a web page to display, be sure to set the config items set_authorization_header, expose_authorization_header, set_cookie_header and set_location_header so you don't return any unnecessary headers.

BUGS

I am sure a lot. Please use GitHub issue tracker here.

ACKNOWLEDGEMENTS

To Lee Johnson for his talk "JWT JWT JWT" in YAPC::EU::2015.

To Nuno Carvalho for brainstorming and help with testing.

To user2014, thanks for making the module use Crypt::JWT.

COPYRIGHT AND LICENSE

This module is free software and is published under the same terms as Perl itself.

AUTHOR

Alberto Simões <ambs@cpan.org>

To install Dancer2::Plugin::JWT, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Dancer2::Plugin::JWT

CPAN shell

perl -MCPAN -e shell
install Dancer2::Plugin::JWT

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)