express-jwt icon indicating copy to clipboard operation
express-jwt copied to clipboard
verified publisher icon auth0

Option to bypass token verification

Open hendrix04 opened this issue 8 years ago • 4 comments

There are situations in which a user would want to decode a JWT but not verify its authenticity. There should be an option to bypass token verification.

hendrix04 avatar Oct 11 '17 14:10 hendrix04

+1

sma530 avatar Oct 11 '17 15:10 sma530

@hendrix04 could this be related to https://github.com/auth0/express-jwt/pull/127 ?

juhaelee avatar Oct 27 '17 00:10 juhaelee

From what I can tell, #127 allows a token to not be valid but this request is for an option to decode the token and act like it validated without actually validating it.

hendrix04 avatar Oct 27 '17 01:10 hendrix04

This would also make unit testing easier. I am having trouble mocking jwt({ secret: '...' }) middleware on controllers that require authentication.

strizzwald avatar Nov 16 '17 19:11 strizzwald