-
Notifications
You must be signed in to change notification settings - Fork 102
Claim validation
Victor Oliveira Nascimento edited this page Sep 18, 2015
·
1 revision
Joken supports custom validation of claims. You can register functions to be called upon verifying a token. After the compact token has its signature verified, Joken parses the token JSON representation and checks its map to see if there is a function to validate each claim. Example:
import Joken
alias Joken.Token
token = %Token{}
|> with_iat # same as with_claim_generator("iat", fn -> current_time() end)
|> with_validation("iat", &(&1 < current_time))
|> with_signer(hs256("secret"))
token
|> sign # this generates the compact token and keeps it in Joken.Token.token
|> get_compact # returns a binary that you can send back to the user
# this performs signature verification and functions validation
# when this is called, the value in the "iat" claim must be before current_time()
token
|> with_compact_token(some_binary_sent_by_the_user) # some binary sent by the user
|> verify