Closed gswalden closed 6 years ago
maxAge verification option expects seconds or a string describing a time span (i.e: '2 days'). It accepted milliseconds in v7, which did not make sense since JWTs times are expressed in seconds.
I suppose this could affect passport-jwt
users, so not sure if this should be a major
version or patch
.
Is this landing anytime soon?
Still no Update?
Any updates on this? The package currently relies on a now-vulnerable version of jsonwebtoken
(see #147), so acceptance of this PR would be greatly appreciated! 🙂
I am afraid the original author is not going to look at this any time soon.
@XVincentX we've gone ahead and forked this repo & updated the dependency -- feel free to use it: https://github.com/CenterHealth/passport-jwt
@JulianLaval do you mind publishing it to npm please?
@kujon Happy to, although I'm guessing I'd probably revert back to the original if it ever gets updated. Would it maybe be preferable to reference the fork from your package.json
?
// In your dependencies
"passport-jwt": "centerhealth/passport-jwt"
NPM explicitly supports GitHub URLs, see here.
If you'd still like me to publish on NPM, let me know!
@themikenicholson Any news?
Updated to 8.2.0.
Didn't merge this PR since I went with the latest version of jsonwebtoken
. Thanks for bringing it to my attention.
I'm very sorry for taking so long to get to this. Life got busy for a few months.
The jsonwebtoken migration guide does not note any breaking changes related to this library's usage. All tests pass.
Closes #131