How to access the 'extra' information on the client side?

auth0-blog / nodejs-jwt-authentication-sample

A NodeJS API that supports username and password authentication with JWTs

MIT License

688 stars 267 forks source link

How to access the 'extra' information on the client side? #8

Closed stenio123 closed 8 years ago

stenio123 commented 8 years ago

Thank you for the great code!

I have a question - the returning token contains the username and the 'extra' field. However since they seem to be encrypted, how will my client decrypt that without including the secret on the client side?

Thank you!

stenio123 commented 8 years ago

Got it! From the issues of "express-jwt":

the token payload is not encrypted just base64-url encoded and digital signed.

I just needed to use the jwt-decode module on the client side to decode. Thank you!