6min

JWT Auth

JSON Web Tokens (JWT) help secure communication between two systems. Signing a JWT allows the receiver to trust the sender or "issuer". This process provides a stateless approach to authentication.  A key, secret, and connection string are created for you when you create a new hyper cloud application.  
Don't share your secret or connection string!Hyper uses the HS algorithm. HS algorithms require sharing a secret. Remember to keep the secret and connection string in a secure place. DO NOT SHARE ON VERSION CONTROL. DO NOT STORE IN YOUR SOURCE CODE WHERE IT CAN BE EXPOSED ON THE CLIENT SUCH AS THE WEB BROWSER.
When making raw HTTP calls using a utility such as cURL, you won't have the ability to use hyper-connect.  Here's how to create a JSON Web Token (JWT) using your hyper cloud application's connection string and NodeJS.
Create a hyper app in the cloud. Go to https://dashboard.hyper.io, sign in with your GitHub account, and create a new application. 
Click the ﻿App Keys tab on the application page and copy the connection string.
Example hyper cloud app keys
﻿
Create a .env file.  Within the .env file, create an environment variable named HYPER.  
Paste the connection string as the value of the HYPER environment variable:
JS
|
HYPER=[connection string here]
HYPER=[connection string here]
﻿
Install the following dependencies using npm or yarn:
dotenv
jsonwebtoken
Node.js
|
require('dotenv').config()

const HYPER = process.env.HYPER
const jwt = require('jsonwebtoken')
const { username, password } = new URL(HYPER)

const payload = {
  sub: username
}

const algorithm = "HS256"

const signJWT = (payload, secret, algorithm) =>
  Promise.resolve(jwt.sign(payload, secret, { algorithm }));

signJWT(payload, password, algorithm).then(jwt => console.log({ jwt }))
require('dotenv').config()

const HYPER = process.env.HYPER
const jwt = require('jsonwebtoken')
const { username, password } = new URL(HYPER)

const payload = {
  sub: username
}

const algorithm = "HS256"

const signJWT = (payload, secret, algorithm) =>
  Promise.resolve(jwt.sign(payload, secret, { algorithm }));

signJWT(payload, password, algorithm).then(jwt => console.log({ jwt }))
﻿
Using hyper-connectConsuming your hyper cloud application is secured using a Bearer token, provided in an Authorization header. See ﻿﻿JWT Auth for details on creating a bearer token using your hyper cloud application key pair.
Alternatively, Deno and NodeJS may simply use the hyper-connect module, which automatically generates a short-lived JWT for you on each request, using your hyper cloud application connection string.
Node.js
|
// hyper cloud urls follow this pattern: 
// https://cloud.hyper.io/:appname/:servicetype/:servicename
import { connect } from 'hyper-connect'

const hyper = connect(process.env.HYPER);

const result = await hyper.data.list({limit: 2}) // creates a short-lived jwt for you

console.log(result)

/* =>
{
  ok: true,
  docs: [
    {
      id: 'movie-1',
      title: 'Ghostbusters',
      type: 'movie',
      year: '1983'
    },
    { id: 'movie-2', title: 'Dune', type: 'movie', year: '1985' }
  ]
}
*/
// hyper cloud urls follow this pattern: 
// https://cloud.hyper.io/:appname/:servicetype/:servicename
import { connect } from 'hyper-connect'

const hyper = connect(process.env.HYPER);

const result = await hyper.data.list({limit: 2}) // creates a short-lived jwt for you

console.log(result)

/* =>
{
  ok: true,
  docs: [
    {
      id: 'movie-1',
      title: 'Ghostbusters',
      type: 'movie',
      year: '1983'
    },
    { id: 'movie-2', title: 'Dune', type: 'movie', year: '1985' }
  ]
}
*/
﻿
﻿

Updated 16 Aug 2022

Did this page help you?

Yes

UP NEXT

Data API

Docs powered by archbee

TABLE OF CONTENTS

Don't share your secret or connection string!

Using hyper-connect