NAME
Dancer2::Plugin::JWT - JSON Web Token made simple for Dancer2
SYNOPSIS
use Dancer2;
use Dancer2::Plugin::JWT;
post '/login' => sub {
if (is_valid(param("username"), param("password"))) {
jwt { username => param("username") };
template 'index';
}
else {
redirect '/';
}
};
get '/private' => sub {
my $data = jwt;
redirect '/ unless exists $data->{username};
...
};DESCRIPTION
Registers the jwt keyword that can be used to set or retrieve the payload of a JSON Web Token.
To this to work it is required to have a secret defined in your config.yml file:
plugins:
JWT:
secret: "string or path to private RSA\EC key"
alg: HS256 # default, or others supported by Crypt::JWT
enc: # required onlt for JWE
need_iat: 1 # add issued at field
need_nbf: 1 # check not before field
need_exp: 600 # in seconds
need_leeway: 30 # timeshift for expirationBUGS
I am sure a lot. Please use GitHub issue tracker here.
ACKNOWLEDGEMENTS
To Lee Johnson for his talk "JWT JWT JWT" in YAPC::EU::2015.
To Yuji Shimada for JSON::WebToken.
To Nuno Carvalho for brainstorming and help with testing.
COPYRIGHT AND LICENSE
Copyright 2015 Alberto Simões, all rights reserved.
This module is free software and is published under the same terms as Perl itself.
AUTHOR
Alberto Simões <ambs@cpan.org>