• Check the token's claims using a custom function that receives the JWTPayload and should return true if the token is valid. Raises a 401 invalid_token error if the function returns false. You can also customise the error_description, which should be formatted per RFC 6750.

    app.use(auth());

    app.get('/admin/edit', claimCheck((claims) => {
      return claims.isAdmin && claims.roles.includes('editor');
    }, `Unexpected 'isAdmin' and 'roles' claims`), (req, res) => { ... });

    Parameters

    • fn: ((payload) => boolean)
        • (payload): boolean
        • Parameters

          Returns boolean

    • Optional errMsg: string

    Returns Handler
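The predicate above assumes both claims are present and well-typed. The following added example (not part of the library or its documentation) shows a predicate that fails closed on missing or mistyped claims, plus a check that a custom errMsg stays within the character set RFC 6750 section 3 allows for error_description. The names isEditorAdmin, isValidErrorDescription and bearerChallenge are hypothetical, and the challenge string follows the RFC 6750 header layout rather than reproducing the library's own output.

```javascript
// Added example: helper names are hypothetical, not library API.

// Claims come from the token, so any of them may be absent or of an
// unexpected type. Return a strict boolean and never throw.
function isEditorAdmin(claims) {
  if (claims === null || typeof claims !== 'object') return false;
  return claims.isAdmin === true &&          // rejects "true", 1, etc.
    Array.isArray(claims.roles) &&           // rejects a missing or string 'roles'
    claims.roles.includes('editor');
}

// RFC 6750 section 3: error_description may only contain
// %x20-21 / %x23-5B / %x5D-7E (printable ASCII except '"' and '\').
function isValidErrorDescription(msg) {
  return typeof msg === 'string' &&
    /^[\x20-\x21\x23-\x5B\x5D-\x7E]*$/.test(msg);
}

// Build a WWW-Authenticate value in the RFC 6750 layout for a 401
// invalid_token response; refuse messages that would break the quoting.
function bearerChallenge(errMsg) {
  if (!isValidErrorDescription(errMsg)) {
    throw new TypeError('error_description has characters RFC 6750 forbids');
  }
  return `Bearer error="invalid_token", error_description="${errMsg}"`;
}

// Constructed sample payloads (not real tokens).
const samples = [
  { isAdmin: true, roles: ['editor'] },   // accepted
  { isAdmin: true },                      // 'roles' missing
  { isAdmin: true, roles: 'editor' },     // string, not array
  { isAdmin: 'true', roles: ['editor'] }, // wrong type for isAdmin
];

function runSamples() {
  return samples.map(isEditorAdmin);
}

const ERR_MSG = `Unexpected 'isAdmin' and 'roles' claims`;
console.log(runSamples(), bearerChallenge(ERR_MSG));

// With the API documented above, the predicate would be passed as:
//   app.get('/admin/edit', claimCheck(isEditorAdmin, ERR_MSG), handler);
```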