← Back to all products

JWT Library

$9

Create and validate JSON Web Tokens with HS256, claims validation, expiration, and refresh.

📁 9 files
JSONMarkdownPython

📄 Product Preview

Try the interactive reader and demo tools below, or get the full product with all content unlocked.

📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample

📁 File Structure 9 files

jwt-library/ ├── LICENSE ├── README.md ├── examples/ │ └── config.example.json ├── free-sample.zip ├── guide/ │ ├── 01_jwt-library.md │ ├── 02_features.md │ └── 03_quick-start.md ├── index.html └── src/ └── main.py

📖 Documentation Preview README excerpt

JWT Library

Create and validate JSON Web Tokens with HS256, claims validation, expiration checking, and token refresh. Zero dependencies.

Part of the Auth Vault toolkit by [CodeVault](https://codevault.dev).

Features

  • HS256 (HMAC-SHA256) signing and verification
  • Standard claims validation: exp, nbf, iss, aud, sub, iat, jti
  • Automatic expiration checking with configurable clock skew tolerance
  • Token refresh with rotation detection
  • Base64url encoding/decoding per RFC 7515
  • Custom claims support for application-specific data
  • CLI tool for generating, decoding, and validating tokens
  • Zero dependencies — Python stdlib only

Quick Start


# Create a JWT
python3 src/main.py create --sub user123 --scopes read write --ttl 3600

# Decode a token (without validation)
python3 src/main.py decode --token eyJhbGciOiJIUzI1NiJ9...

# Validate a token
python3 src/main.py validate --token eyJhbGciOiJIUzI1NiJ9...

# Refresh a token
python3 src/main.py refresh --token eyJhbGciOiJIUzI1NiJ9...

Using as a Library


from main import JWTManager

jwt = JWTManager(secret="your-secret-min-32-chars-long!!", issuer="myapp")

# Create a token
token = jwt.create(
    subject="user123",
    claims={"role": "admin", "scopes": ["read", "write"]},
    ttl_seconds=3600,
)

# Validate and decode
payload = jwt.validate(token)
print(f"Subject: {payload['sub']}")
print(f"Expires: {payload['exp']}")

# Check if token is expired
is_valid, error = jwt.is_valid(token)

Claims Reference

ClaimTypeDescription

... continues with setup instructions, usage examples, and more.

📄 Code Sample .py preview

src/main.py #!/usr/bin/env python3 """ JWT Library — Create and Validate JSON Web Tokens =================================================== A lightweight JWT implementation supporting HS256 (HMAC-SHA256) signing with standard claims validation (exp, nbf, iss, aud, sub), custom claims, and token refresh patterns. Why stdlib-only? Because PyJWT pulls in cryptography which pulls in OpenSSL bindings which break on half the CI systems out there. This implementation handles 90% of real-world JWT needs with zero deps. Note: RS256 requires the `rsa` stdlib module (available in Python 3.x via hashlib + manual RSA). For full RS256 with key loading, see the examples/ directory. Zero dependencies. Import or run as CLI. Part of the Auth Vault toolkit by DataNest. License: MIT """ from __future__ import annotations import base64 import hashlib import hmac import json import logging import os import secrets import time from dataclasses import dataclass from datetime import datetime, timezone, timedelta from typing import Any # --------------------------------------------------------------------------- # Configuration # --------------------------------------------------------------------------- DEFAULT_SECRET = os.environ.get("JWT_SECRET", "CHANGE_ME_IN_PRODUCTION_" + secrets.token_hex(16)) DEFAULT_ALGORITHM = "HS256" DEFAULT_ISSUER = "auth-vault" DEFAULT_EXPIRY_SECONDS = 3600 # 1 hour CLOCK_SKEW_SECONDS = 30 # Tolerance for clock differences between servers logging.basicConfig( level=logging.INFO, format="%(asctime)s [%(levelname)s] %(message)s", # ... 371 more lines ...
Buy Now — $9 Back to Products