File

spec/util_jwt_spec.lua @ 11409:d30c44a829c1

net.http.server: Set request.ip so mod_http doesn't have to Because it already sets request.secure, which depends on the connection, just like the IP, so it makes sense to do both in the same place. Dealing with proxies can be left to mod_http for now, but maybe it could move into some util some day?
author Kim Alvefur <zash@zash.se>
date Sat, 27 Feb 2021 21:37:16 +0100 (2021-02-27)
parent 10661:4eee1aaa9405
child 12696:27a72982e331
line wrap: on
line source
local jwt = require "util.jwt";

describe("util.jwt", function ()
	it("validates", function ()
		local key = "secret";
		local token = jwt.sign(key, { payload = "this" });
		assert.string(token);
		local ok, parsed = jwt.verify(key, token);
		assert.truthy(ok)
		assert.same({ payload = "this" }, parsed);
	end);
	it("rejects invalid", function ()
		local key = "secret";
		local token = jwt.sign("wrong", { payload = "this" });
		assert.string(token);
		local ok = jwt.verify(key, token);
		assert.falsy(ok)
	end);
end);