2

What I want to achieve is to be able to generate JWT token for signing in user to another website which has a readme page, the JWT token should be generated on the client-side itself which is in angular. I can't seem to able to find a module which would do that for me. Angular-jwt only handles jwt token doesn't generate them. I want to do something similar to below in angular on runtime to generate the redirect link with appropriate auth_token.

The code below is how it can be done in nodejs but is there a way to make this work in angular without having to make any request to the server side?

     import 'jsonwebtoken';
     function readMeLogin(){
     const sign = require('jsonwebtoken').sign;
     const user = {
       name: 'abc', //Actual user name
       email: 'abc@gmail.com', //Actual user email
       // User's API Key
       apiKey: 'key', //STATIC
      };
      const auth_token = sign(user, 'secretKey');//STATIC
      const readMeUrl = 'url.com'; //STATIC
      return '${readMeUrl}?auth_token=${auth_token}'
      };
ShabadLamba
  • 31
  • 3
  • 4
    Call me confused, but what are you trying to accomplish that requires you to generate JWT on client-side? I guess I don't really see the use-case. – Kasey Chang May 06 '20 at 03:41
  • I am trying to redirect the user to different platform where the user already exists, but it's not a part of my platform, I have the secret key that's being used for that platform so, if I generate the JWT auth_token on client-side I won't have to communicate with any other api. Reduces a lot of unnecessary steps since it's very small feature. – ShabadLamba May 06 '20 at 05:56
  • Yeah, the problem is if you deploy the key on the client-side you won't be able to keep it secret. Someone can sniff the packets or decompile your code to find the key. If you are CERTAIN that is not a security concern, then I guess you can basically rewrite one of the JWT libs, maybe LEON, to work on client side. But there's a reason they remain server side only. – Kasey Chang May 06 '20 at 06:39
  • Thanks alot might have to reconsider, but in case we decide to go ahead with it. LEON as you mentioned is a java based library. Is there any library which is already written in javascript for client-side jwt token generation? – ShabadLamba May 06 '20 at 07:03
  • Not sure if this will help you. Good luck. https://www.jonathan-petitcolas.com/2014/11/27/creating-json-web-token-in-javascript.html – Kasey Chang May 06 '20 at 15:00
  • That's helpful, thanks. – ShabadLamba May 06 '20 at 15:05

0 Answers0