
- Complete NestJS TypeScript implementation with WebSocket support - Direct messaging (DM) and group chat functionality - End-to-end encryption with AES encryption and key pairs - Media file support (images, videos, audio, documents) up to 100MB - Push notifications with Firebase Cloud Messaging integration - Mention alerts and real-time typing indicators - User authentication with JWT and Passport - SQLite database with TypeORM entities and relationships - Comprehensive API documentation with Swagger/OpenAPI - File upload handling with secure access control - Online/offline status tracking and presence management - Message editing, deletion, and reply functionality - Notification management with automatic cleanup - Health check endpoint for monitoring - CORS configuration for cross-origin requests - Environment-based configuration management - Structured for Flutter SDK integration Features implemented: ✅ Real-time messaging with Socket.IO ✅ User registration and authentication ✅ Direct messages and group chats ✅ Media file uploads and management ✅ End-to-end encryption ✅ Push notifications ✅ Mention alerts ✅ Typing indicators ✅ Message read receipts ✅ Online status tracking ✅ File access control ✅ Comprehensive API documentation Ready for Flutter SDK development and production deployment.
3.1 KiB
Migration Guide
The following instructions should help in migrating to a new major version of passport-jwt.
Migrating from 3.x.x to 4.x.x
Version 4.0.0 was released to update jsonwebtoken's major version from v7 to v8 in order to fix a security issue (see #147).
Users of passport-jwt
are exposed to the API of jsonwebtoken
through the jsonWebTokenOptions
constructor option. Therefore, a major version rev of jsonwebtoken
triggered a major version rev
of passport-jwt
.
See the
jsonwebtoken v7-v8 Migration Notes
for the full details. The change in units for the maxAge
attribute of jsonWebTokenOptions
is
likely to impact the greatest number of passport-jwt
users.
Migrating from 2.x.x to 3.x.x
Version 3.0.0 removes the ExtractJwt.fromAuthHeader()
extractor function that would extract
JWT's from Authorization
headers with the auth scheme 'jwt'. The default authorization scheme
of 'jwt' as the was not RFC 6750 compliant. The extractor was replaced with
ExtractJwt.fromAuthHeaderAsBearerToken()
. The removal of ExtractJwt.fromAuthHeader()
was done
to clearly change the API so any code relying on the old API would clearly break, hopefully saving
people some debugging time.
If you want to maintain the behavior of ExtractJwt.fromAuthHeader()
when switching to v3.3.0, simply
replace it with ExtractJwt.fromAuthHeaderWithScheme('jwt')
in your implementation.
Migrating from version 1.x.x to 2.x.x
The v2 API is not backwards compatible with v1, specifically with regards to the introduction
of the concept of JWT extractor functions. If you require the legacy behavior in v1 you can use
the extractor function versionOneCompatibility(options)
options is an object with any of the three custom JWT extraction options present in the v1 constructor:
tokenBodyField
: Field in a request body to search for the JWT. Default is auth_token.tokenQueryParameterName
: Query parameter name containing the token. Default is auth_token.authScheme
: Expected authorization scheme if token is submitted through the HTTP Authorization header. Defaults to JWT If in v1 you constructed the strategy like this:
var JwtStrategy = require('passport-jwt').Strategy;
var opts = {}
opts.tokenBodyField = 'MY_CUSTOM_BODY_FIELD';
opts.secretOrKey = 'secret';
opts.issuer = 'accounts.examplesoft.com';
opts.audience = 'yoursite.net';
passport.use(new JwtStrategy(opts, verifyFunction));
Identical behavior can be achieved under v2 with the versionOneCompatibility extractor:
var JwtStrategy = require('passport-jwt').Strategy,
ExtractJwt = require('passport-jwt').ExtractJwt;
var opts = {}
opts.jwtFromRequest = ExtractJwt.versionOneCompatibility({ tokenBodyField = 'MY_CUSTOM_BODY_FIELD' });
opts.opts.secretOrKey = 'secret';
opts.issuer = 'accounts.examplesoft.com';
opts.audience = 'yoursite.net';
passport.use(new JwtStrategy(opts, verifyFunction));