NodeJs jsonwebtoken calculate "iat" and "exp"

7
votes

I'm setting up an API in NodeJs and Express and I use JWT for authentication, which works really nice. The one thing I have not been able to figure out is how determine the exact date and time which associated with the IAT value. I know it's based on milliseconds, but I cannot relate this back to a date. The official JWT specification says:(https://www.rfc-editor.org/rfc/rfc7519#page-10)

4.1.6. "iat" (Issued At) Claim The "iat" (issued at) claim identifies the time at which the JWT was issued. This claim can be used to determine the age of the JWT. Its value MUST be a number containing a NumericDate value. Use of this claim is OPTIONAL.

For example:

"iat": 1479203274,
"exp": 1479205074,

Any ideas?

Thanks

2
node.jsjwt

2 Answers

8
votes

You can build a date from a unix timestamp in milliseconds by doing

var date = new Date( timestamp )

So in your case, try doing :

var date = new Date( parseInt("1479203274") * 1000 )

The *1000 is to convert seconds to milliseconds. The parseInt is not necessary since javascript cast automatically the express to an number. It's just to make it cleared in intent.

0
votes

You don't want to specify the current timestamp if you follow the below. The current timestamp and expire timestamp will be taken automatically.

const jwt = require("jsonwebtoken");
...

const payload = {
        "iss": "<your iss>",
        "sub": "<your sub>",
        "aud": "<your aud>"
    };
const privateKey = fs.readFileSync(`my_sig_key.pem`);

const signed = jwt.sign(payload, privateKey, {
    algorithm: '<Your Algorithm>'
    expiresIn: '5s' //Its expires in 5seconds. You can set minute, hour too.
});

console.log("signed", signed);

And the final payload in the JWT will be

{
  "iss": "<your iss>",
  "sub": "<your sub>",
  "aud": "<your aud>",
  "iat": 1645869827,
  "exp": 1645869947
}