restify-jwt-community

2.0.0 verified Sat Apr 25 auth: no javascript

JWT authentication middleware for Restify, current stable version 2.0.0 (released 2023-03-27). This community-maintained fork validates JSON Web Tokens and sets req.user on incoming requests. It builds on auth0/express-jwt and the original restify-jwt, but uses restify's built-in error objects. Maintenance cadence is low (last release v2.0.0, prior updates were mostly lockfile maintenance). Compared to express-jwt, this is tailored specifically for Restify and uses restify errors.

Common errors

error Error: secret must be provided ↓

cause No secret was passed to the jwt middleware.

fix

Pass a secret or a function returning a secret: jwt({ secret: 'my-secret' })

error TypeError: restify_jwt_community_1.default is not a function ↓

cause Using ES6 import syntax with CommonJS require incorrectly.

fix

Use correct import: import jwt from 'restify-jwt-community' or const jwt = require('restify-jwt-community')

error UnauthorizedError: No authorization token was found ↓

cause Request did not include an Authorization header with a Bearer token.

fix

Include an Authorization header with value 'Bearer <token>' in the request.

Warnings

gotcha Failing to call next() after res.send may cause hanging requests ↓

fix Ensure you call return next() after res.send() in route handlers.

gotcha The middleware requires a restify server; do not use with Express or other frameworks ↓

fix Check that you are using restify, not express. This package is incompatible with Express.

gotcha The middleware will throw if no secret is provided ↓

fix Always provide a secret or a function that returns a secret to jwt().

Install

npm install restify-jwt-community

yarn add restify-jwt-community

pnpm add restify-jwt-community

Imports

jwt

wrong

const jwt = require('restify-jwt-community').default

correct

import jwt from 'restify-jwt-community'

Default import; common mistake is to use .default when importing in CommonJS.

jwt
```
const jwt = require('restify-jwt-community')
```
CommonJS require returns the default export directly, no .default needed.

UnauthorizedError

wrong

const UnauthorizedError = require('restify-jwt-community').UnauthorizedError

correct

import { UnauthorizedError } from 'restify-jwt-community'

Named export; ensure correct casing (UnauthorizedError, not unauthorizedError).

Quickstart

Basic setup of Restify server with JWT middleware for a protected route.

import restify from 'restify';
import jwt from 'restify-jwt-community';

const server = restify.createServer();

server.use(restify.plugins.bodyParser());
server.use(jwt({ secret: process.env.JWT_SECRET || 'your-secret-key' }));

server.get('/protected', (req, res, next) => {
  res.send(200, { user: req.user });
  return next();
});

server.listen(3000, () => {
  console.log('Server listening on port 3000');
});