Skip to content

Commit

Permalink
docs: make decode impossible to discover before verify
Browse files Browse the repository at this point in the history
see #741
  • Loading branch information
panva authored and Marcos Castany committed Sep 10, 2020
1 parent 15a1bc4 commit a46097e
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -231,6 +231,9 @@ jwt.verify(token, getKey, options, function(err, decoded) {

```

<details>
<summary><em></em>Need to peak into a JWT without verifying it? (Click to expand)</summary>

### jwt.decode(token [, options])

(Synchronous) Returns the decoded payload without verifying if the signature is valid.
Expand Down Expand Up @@ -259,6 +262,8 @@ console.log(decoded.header);
console.log(decoded.payload)
```

</details>

## Errors & Codes
Possible thrown errors during verification.
Error is the first argument of the verification callback.
Expand Down

0 comments on commit a46097e

Please # to comment.