Token endpoint in Node.js

This article presents a simple token endpoint for creating tokens.

# Dependencies

Both examples use the jsonwebtoken library for creating tokens and express to create the HTTP endpoint.

```
npm install express jsonwebtoken
```

# Examples

When creating a token endpoint to integrate with Easy Image, the token payload should contain at least the environment ID.

```js
const express = require( 'express' );
const jwt = require( 'jsonwebtoken' );

// Replace both values with the keys from the CKEditor Ecosystem customer dashboard.
const secretKey = 'wjcHlqytTDBhxYpWPp3NkmLJaHXzn8xWbpX7xmT7JxqQJREguXRjzKIw9L2q';
const environmentId = 'NQoFK1NLVelFWOBQtQ8A';

const app = express();

app.get( '/', ( req, res ) => {
    // The environment ID goes into the iss claim; the token is signed with HS256.
    const result = jwt.sign( { iss: environmentId }, secretKey, { algorithm: 'HS256' } );

    res.send( result );
} );

app.listen( 8080, () => console.log( 'Listening on port 8080' ) );
```

To enable collaboration, you have to add user data and service permissions to the token.

```js
const express = require( 'express' );
const jwt = require( 'jsonwebtoken' );

// Replace both values with the keys from the CKEditor Ecosystem customer dashboard.
const secretKey = 'wjcHlqytTDBhxYpWPp3NkmLJaHXzn8xWbpX7xmT7JxqQJREguXRjzKIw9L2q';
const environmentId = 'NQoFK1NLVelFWOBQtQ8A';

const app = express();

app.get( '/', ( req, res ) => {
    const payload = {
        iss: environmentId,
        // Sample user data; take the real values from the session or the database.
        user: {
            id: '123',
            email: 'joe.doe@example.com',
            name: 'Joe Doe'
        },
        // Service permissions granted to this user.
        services: {
            'ckeditor-collaboration': {
                permissions: {
                    '*': 'write'
                }
            }
        }
    };

    const result = jwt.sign( payload, secretKey, { algorithm: 'HS256' } );

    res.send( result );
} );

app.listen( 8080, () => console.log( 'Listening on port 8080' ) );
```

When you create your own token endpoint, do not forget to authenticate the user before you send the token. You can use passport for this.

`secretKey` and `environmentId` should be replaced with keys provided by the CKEditor Ecosystem customer dashboard. User data can be taken from the session or the database. You do not need to add `iat` because `jwt.sign()` will add it by itself.

You should then pass the token to the client, for example by sending a plain string or by rendering a page that will contain this token. If the user is unauthenticated, the token endpoint should return an error or redirect to the login page. Also, you should make sure it is sent via an encrypted channel.
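The advice above combined into one handler, as an added example that is not CKEditor's own code: it refuses unauthenticated requests, builds the user claim only from the server-side `req.user` (assumed to be set by an authentication middleware such as passport), and takes the credentials as configuration instead of hardcoding them. `createTokenEndpoint`, `signHS256` and `fakeResponse` are hypothetical names, and the HS256 signing uses Node's built-in `crypto` in place of `jwt.sign()` so the block runs without dependencies.

```javascript
const { createHmac } = require( 'node:crypto' );

const b64url = value => Buffer.from( value ).toString( 'base64url' );

// Minimal HS256 JWT signer built on node:crypto (stands in for jwt.sign()).
// Like jwt.sign(), it adds the iat claim itself.
function signHS256( payload, key ) {
    const header = b64url( JSON.stringify( { alg: 'HS256', typ: 'JWT' } ) );
    const body = b64url( JSON.stringify( { ...payload, iat: Math.floor( Date.now() / 1000 ) } ) );
    const signature = createHmac( 'sha256', key ).update( `${ header }.${ body }` ).digest( 'base64url' );

    return `${ header }.${ body }.${ signature }`;
}

// Returns an Express-style handler. Hypothetical helper: the credentials are passed
// in as configuration, and a missing value stops the server at startup.
function createTokenEndpoint( { secretKey, environmentId } ) {
    if ( !secretKey || !environmentId ) {
        throw new Error( 'secretKey and environmentId must be configured' );
    }

    return ( req, res ) => {
        // Assumption: an authentication middleware (for example passport) ran
        // earlier and set req.user from the session. No user means no token.
        if ( !req.user ) {
            return res.status( 401 ).send( 'Authentication required' );
        }

        const payload = {
            iss: environmentId,
            // Copy only the fields the token needs, never the whole user record.
            user: { id: req.user.id, email: req.user.email, name: req.user.name },
            services: { 'ckeditor-collaboration': { permissions: { '*': 'write' } } }
        };

        return res.status( 200 ).send( signHS256( payload, secretKey ) );
    };
}

// Constructed stand-in for the Express response object, to exercise the handler.
function fakeResponse() {
    const res = { statusCode: null, body: null };
    res.status = code => { res.statusCode = code; return res; };
    res.send = body => { res.body = body; return res; };

    return res;
}
```

With Express, the handler returned by `createTokenEndpoint()` would be registered on the route after the authentication middleware.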

# Usage

Start the server by running:

```
node server
```

Now you can get the token with a simple request:

http://localhost:8080/