When working in a ES6 module project I would like to be able to import jsonwebtoken.
A specific build for ESM/ES6 Module as other projects have, like this: https://github.com/vuejs/vue/blob/dev/dist/vue.runtime.esm.js . Or entirely switch to ESM/ES6 Modules in a new major release.
In a ESM context I know of no workarounds, except rewriting how the project exports.
Great docs on ESM over at Mozilla: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/import
Seeing this as well in the browser I get: ReferenceError: exports is not defined, coming from this dependent module: node_modules\minimalistic-crypto-utils\lib\utils.js:3:1
hello friends
awhile ago i actually created my own esm version of this library, i did something like this:
the horrendous downside is that the resulting es module weighed like 500 KB.. but it worked.. if i had automated that above process, i would share the result with you, but my es module version is now out of date
now, here's the thing: we need question why we want to sign or verify json web tokens on the clientside to begin with (if we're using node instead, then our esm node code can still import the cjs)
the use-case i had, was mocking: in mock mode, my clientside would generate and sign a number of mock tokens — being in development mode, the 500 KB jwt library was fine
however now, i want to abandon this complexity, so i'm thinking of ditching the browser work here, and only signing/verifying tokens (and signatures) on the node server — so today i'm thinking of re-engineering my frontend to use a build step to generate those mock tokens in node ahead of time
now, here's something you do need to do on the clientside: you need to decode tokens — luckily, the implementation for that is quite straightforward, my bdecode.ts module can do that
this all being said: i'd still consider it a win if this library was fully modernized and browser compatible
it's a little upsetting – the split between node crypto and browser webcrypto
🥃 chase
ES6 modules will probably be standard in the back-end world pretty soon as well. No need to have commonjs around if both browsers and node supports the same module systems. :)
ES6 modules will probably be standard in the back-end world pretty soon as well.
Right now, the latest node.js release line has ECMAScript modules labeled as experimental. We plan to support dual publish in the future once this matures (i.e. its stability rating reaches a satisfactory value)
Browser runtime remains out of scope for the jsonwebtoken library.
in the meantime i'll share how i solved my use-case by creating a helper package called redcrypto
jsonwebtoken's commonjs)and so using the above functionality, i can sign and verify tokens in node via jsonwebtoken, and also, i've architected my frontend so that in mock mode, it uses the browser-friendly mock token sign/verify functions
Any progress on this? I tend to always use import nowadays in my application so its weird to have this library as the only dependency that still uses const.
node.js now lists ESM as stable: https://nodejs.org/api/esm.html#esm_ecmascript_modules - so I see no reason not to go full blown ESM. :)
Most helpful comment
node.js now lists ESM as stable: https://nodejs.org/api/esm.html#esm_ecmascript_modules - so I see no reason not to go full blown ESM. :)