Automated Action 545563e776 Implement comprehensive real-time chat API with NestJS
- Complete NestJS TypeScript implementation with WebSocket support
- Direct messaging (DM) and group chat functionality
- End-to-end encryption with AES encryption and key pairs
- Media file support (images, videos, audio, documents) up to 100MB
- Push notifications with Firebase Cloud Messaging integration
- Mention alerts and real-time typing indicators
- User authentication with JWT and Passport
- SQLite database with TypeORM entities and relationships
- Comprehensive API documentation with Swagger/OpenAPI
- File upload handling with secure access control
- Online/offline status tracking and presence management
- Message editing, deletion, and reply functionality
- Notification management with automatic cleanup
- Health check endpoint for monitoring
- CORS configuration for cross-origin requests
- Environment-based configuration management
- Structured for Flutter SDK integration

Features implemented:
 Real-time messaging with Socket.IO
 User registration and authentication
 Direct messages and group chats
 Media file uploads and management
 End-to-end encryption
 Push notifications
 Mention alerts
 Typing indicators
 Message read receipts
 Online status tracking
 File access control
 Comprehensive API documentation

Ready for Flutter SDK development and production deployment.
2025-06-21 17:13:05 +00:00

3.1 KiB

Migration Guide

The following instructions should help in migrating to a new major version of passport-jwt.

Migrating from 3.x.x to 4.x.x

Version 4.0.0 was released to update jsonwebtoken's major version from v7 to v8 in order to fix a security issue (see #147).

Users of passport-jwt are exposed to the API of jsonwebtoken through the jsonWebTokenOptions constructor option. Therefore, a major version rev of jsonwebtoken triggered a major version rev of passport-jwt.

See the jsonwebtoken v7-v8 Migration Notes for the full details. The change in units for the maxAge attribute of jsonWebTokenOptions is likely to impact the greatest number of passport-jwt users.

Migrating from 2.x.x to 3.x.x

Version 3.0.0 removes the ExtractJwt.fromAuthHeader() extractor function that would extract JWT's from Authorization headers with the auth scheme 'jwt'. The default authorization scheme of 'jwt' as the was not RFC 6750 compliant. The extractor was replaced with ExtractJwt.fromAuthHeaderAsBearerToken(). The removal of ExtractJwt.fromAuthHeader() was done to clearly change the API so any code relying on the old API would clearly break, hopefully saving people some debugging time.

If you want to maintain the behavior of ExtractJwt.fromAuthHeader() when switching to v3.3.0, simply replace it with ExtractJwt.fromAuthHeaderWithScheme('jwt') in your implementation.

Migrating from version 1.x.x to 2.x.x

The v2 API is not backwards compatible with v1, specifically with regards to the introduction of the concept of JWT extractor functions. If you require the legacy behavior in v1 you can use the extractor function versionOneCompatibility(options)

options is an object with any of the three custom JWT extraction options present in the v1 constructor:

  • tokenBodyField: Field in a request body to search for the JWT. Default is auth_token.
  • tokenQueryParameterName: Query parameter name containing the token. Default is auth_token.
  • authScheme: Expected authorization scheme if token is submitted through the HTTP Authorization header. Defaults to JWT If in v1 you constructed the strategy like this:
var JwtStrategy = require('passport-jwt').Strategy;
var opts = {}
opts.tokenBodyField = 'MY_CUSTOM_BODY_FIELD';
opts.secretOrKey = 'secret';
opts.issuer = 'accounts.examplesoft.com';
opts.audience = 'yoursite.net';
passport.use(new JwtStrategy(opts, verifyFunction));

Identical behavior can be achieved under v2 with the versionOneCompatibility extractor:

var JwtStrategy = require('passport-jwt').Strategy,
    ExtractJwt = require('passport-jwt').ExtractJwt;
var opts = {}
opts.jwtFromRequest = ExtractJwt.versionOneCompatibility({ tokenBodyField = 'MY_CUSTOM_BODY_FIELD' });
opts.opts.secretOrKey = 'secret';
opts.issuer = 'accounts.examplesoft.com';
opts.audience = 'yoursite.net';
passport.use(new JwtStrategy(opts, verifyFunction));