PR: 2023 Update and elixir example #104 + #117

.dockerignore

@@ -0,0 +1,5 @@
+fly.toml
+Dockerfile
+.dockerignore
+node_modules
+.git

.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+- package-ecosystem: npm
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "07:00"
+    timezone: Europe/London

.github/workflows/ci.yml

@@ -0,0 +1,33 @@
+# This workflow will do a clean install of node dependencies, cache/restore them, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: Node.js CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [16.x]
+        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v2
+      with:
+        node-version: ${{ matrix.node-version }}
+        cache: 'npm'
+    - run: npm ci
+#     - run: npm run build --if-present
+    - run: npm test
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v1 

.gitignore

@@ -10,8 +10,9 @@ pids
 # Directory for instrumented libs generated by jscoverage/JSCover
 lib-cov
 
-# Coverage directory used by tools like istanbul
+# Coverage directory used by tools like nyc
 coverage
+.nyc_output
 
 # Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
 .grunt
@@ -27,4 +28,3 @@ node_modules
 # Users Environment Variables
 .lock-wscript
 example/lib/db
-package-lock.json

Dockerfile

@@ -0,0 +1,36 @@
+FROM debian:bullseye as builder
+
+ARG NODE_VERSION=18.12.1
+
+RUN apt-get update; apt install -y curl python-is-python3 pkg-config build-essential
+RUN curl https://get.volta.sh | bash
+ENV VOLTA_HOME /root/.volta
+ENV PATH /root/.volta/bin:$PATH
+RUN volta install node@${NODE_VERSION}
+
+#######################################################################
+
+RUN mkdir /app
+WORKDIR /app
+
+# NPM will not install any package listed in "devDependencies" when NODE_ENV is set to "production",
+# to install all modules: "npm install --production=false".
+# Ref: https://docs.npmjs.com/cli/v9/commands/npm-install#description
+
+ENV NODE_ENV production
+
+COPY . .
+
+RUN npm install
+FROM debian:bullseye
+
+LABEL fly_launch_runtime="nodejs"
+
+COPY --from=builder /root/.volta /root/.volta
+COPY --from=builder /app /app
+
+WORKDIR /app
+ENV NODE_ENV production
+ENV PATH /root/.volta/bin:$PATH
+
+CMD [ "npm", "run", "start" ]

README.md

@@ -1,19 +1,21 @@
+<div align="ceter"
+>
 ![JWT logo wider](https://i.imgur.com/qDOOu4o.jpg)
 
-# Learn how to use *JSON Web Tokens* (JWT) for *Authentication*
+# Learn how to use *JSON Web Tokens* (JWT) for *Auth*.
 
 ![dilbert fixed the internet](https://i.imgur.com/cNElVof.jpg)
 
 Learn how to use JSON Web Token (JWT) to *secure* your Web and/or Mobile Application!
 
-[![Build Status](https://img.shields.io/travis/dwyl/learn-json-web-tokens/master.svg?style=flat-square)](https://travis-ci.org/dwyl/learn-json-web-tokens)
-[![codecov.io](https://img.shields.io/codecov/c/github/dwyl/learn-json-web-tokens/master.svg?style=flat-square)](https://codecov.io/github/dwyl/learn-json-web-tokens?branch=master)
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/dwyl/learn-json-web-tokens/Node.js%20CI?style=flat-square)](https://github.com/dwyl/learn-json-web-tokens/actions)
+[![codecov.io](https://img.shields.io/codecov/c/github/dwyl/learn-json-web-tokens/master.svg?style=flat-square)](https://codecov.io/github/dwyl/learn-json-web-tokens?branch=main)
 [![codeclimate-maintainability](https://img.shields.io/codeclimate/maintainability/dwyl/learn-json-web-tokens.svg?style=flat-square)](https://codeclimate.com/github/dwyl/learn-json-web-tokens/maintainability)
-[![Dependencies Status](https://david-dm.org/dwyl/learn-json-web-tokens/status.svg?style=flat-square)](https://david-dm.org/dwyl/learn-json-web-tokens)
-[![devDependencies Status](https://david-dm.org/dwyl/learn-json-web-tokens/dev-status.svg?style=flat-square)](https://david-dm.org/dwyl/learn-json-web-tokens?type=dev)
 [![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat-square)](https://github.com/dwyl/learn-json-web-tokens/issues)
 [![HitCount](https://hits.dwyl.com/dwyl/learn-json-web-tokens.svg)](https://hits.dwyl.io/dwyl/learn-json-web-tokens)
 
+</div>
+
 
 ## *Why*?
 
@@ -81,8 +83,8 @@ Claims are the predefined **keys** and their **values**:
 + **iss**: issuer of the token
 + **exp**: the expiration timestamp (reject tokens which have expired). Note: as defined in the spec, this must be in seconds.
 + **iat**: The time the JWT was issued. Can be used to determine the age of the JWT
-+ **nbf**: "not before" is a future time when the token will become active.
 + **jti**: unique identifier for the JWT. Used to prevent the JWT from being re-used or replayed.
++ **nbf**: "not before" is a future time when the token will become active. (optional)
 + **sub**: subject of the token (rarely used)
 + **aud**: audience of the token (also rarely used)
 
@@ -162,9 +164,9 @@ its pretty safe to compute them synchronously.
 
 > Tip: If you're looking for a ***Full Featured*** **JWT Auth Hapi.js plugin** (which does the verification/validation *asynchronously*) for your Hapi.js-based app please check out: [https://github.com/**dwyl/hapi-auth-jwt2**](https://github.com/dwyl/hapi-auth-jwt2)
 
-## Tests
+## Tests 
 
-You may have noticed the [![Build Status][travis-image]][travis-url] badge at the *start* of this tutorial.
+You may have noticed the [![GitHub Workflow Status](https://img.shields.io/github/workflow/status/dwyl/learn-json-web-tokens/Node.js%20CI?style=flat-square)](https://github.com/dwyl/learn-json-web-tokens/actions) badge at the *start* of this tutorial.
 This is a sign the author(s) are not just *cobbling* code together.
 The tests for both the server routes and helper functions are in: **/example/test**
 

example/server.js

@@ -1,6 +1,6 @@
 var port = process.env.PORT || 1337; // let heroku define port or use 1337
 var http = require('http');          // core node.js http (no frameworks)
-var url = require('url');            // core node.js url (no frameworks)
+var url  = require('url');           // core node.js url (no frameworks)
 var app  = require('./lib/helpers'); // auth, token verification & render helpers
 var c    = function(res){ /*  */ };
 
@@ -14,4 +14,4 @@ http.createServer(function (req, res) {
   else                          { app.notFound(res);                } // 404 error
 }).listen(port);
 
-console.log("Visit: http://127.0.0.1:" + port);
+console.info("Visit: http://127.0.0.1:" + port);

fly.toml

@@ -0,0 +1,37 @@
+# fly.toml file generated for learn-jwt on 2023-02-08T13:49:12Z
+
+app = "learn-jwt"
+kill_signal = "SIGINT"
+kill_timeout = 5
+processes = []
+
+[env]
+
+[experimental]
+  auto_rollback = true
+
+[[services]]
+  http_checks = []
+  internal_port = 8080
+  processes = ["app"]
+  protocol = "tcp"
+  script_checks = []
+  [services.concurrency]
+    hard_limit = 25
+    soft_limit = 20
+    type = "connections"
+
+  [[services.ports]]
+    force_https = true
+    handlers = ["http"]
+    port = 80
+
+  [[services.ports]]
+    handlers = ["tls", "http"]
+    port = 443
+
+  [[services.tcp_checks]]
+    grace_period = "1s"
+    interval = "15s"
+    restart_limit = 0
+    timeout = "2s"