Infrastructure · low complexity · Shared Component · mobile, backend

Dependencies: 0
Dependents: 3
Entities: 2
Integrations: 0

Description

Shared utility used by both the mobile app and the Next.js backend to decode and validate JWT access tokens and extract role, organisation ID, and user ID claims. On mobile it runs without network access to read claims from the stored token. On the backend it also verifies the signature against the configured signing secret.

Feature: Role-Based Access Control

jwt-claims-extractor

Responsibilities

  • Decode JWT payload without network access for mobile claim reading
  • Verify JWT signature and expiry on the backend
  • Extract typed role claim as a UserRole enum value
  • Extract organisation ID claim for tenant scoping
  • Return null or throw on invalid or expired tokens

Interfaces

decodePayload(token: String) -> JwtPayload
extractRole(token: String) -> UserRole
extractOrgId(token: String) -> String
extractUserId(token: String) -> String
isExpired(token: String) -> bool
verifySignature(token: String, secret: String) -> bool
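
The following JavaScript (Node.js) example is added here and is not the component's own code. It contrasts the unverified decodePayload used for mobile claim reading with the backend path that checks signature and expiry before trusting the role, organisation ID and user ID claims. HS256, the claim names role, org_id and sub, the optional nowSec parameter, and the verifiedClaims and sign helpers are assumptions that the page does not specify.

```javascript
// Added example (not the component's own code). Assumptions: HS256 signing,
// claim names role/org_id/sub, and the helper names verifiedClaims and sign.
const { createHmac, timingSafeEqual } = require("node:crypto");

const fromB64 = (s) => Buffer.from(s, "base64url").toString("utf8");
const toB64 = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Unverified decode: usable offline for display, never for authorization.
function decodePayload(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  return JSON.parse(fromB64(parts[1]));
}

function verifySignature(token, secret) {
  const [h, p, sig, extra] = token.split(".");
  if (!h || !p || !sig || extra !== undefined) return false;
  let header;
  try { header = JSON.parse(fromB64(h)); } catch { return false; }
  if (header?.alg !== "HS256") return false; // pin the algorithm; "none" is rejected
  const expected = createHmac("sha256", secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(sig, "base64url");
  // timingSafeEqual throws on length mismatch, so compare lengths first.
  return given.length === expected.length && timingSafeEqual(given, expected);
}

// nowSec is an added optional parameter so the check can be tested deterministically.
function isExpired(token, nowSec = Math.floor(Date.now() / 1000)) {
  const { exp } = decodePayload(token);
  return typeof exp !== "number" || exp <= nowSec; // a missing exp counts as expired
}

// Backend path: signature first, then expiry, and only then read claims.
function verifiedClaims(token, secret, nowSec) {
  if (!verifySignature(token, secret) || isExpired(token, nowSec)) return null;
  const { role, org_id: orgId, sub: userId } = decodePayload(token);
  return { role, orgId, userId };
}

// Builds constructed sample tokens for the demonstration below.
function sign(payload, secret, header = { alg: "HS256", typ: "JWT" }) {
  const body = `${toB64(header)}.${toB64(payload)}`;
  return `${body}.${createHmac("sha256", secret).update(body).digest("base64url")}`;
}

const demo = sign({ sub: "u1", org_id: "org-1", role: "member", exp: 4102444800 }, "constructed-secret");
const [dh, , ds] = demo.split(".");
const tampered = `${dh}.${toB64({ sub: "u1", org_id: "org-1", role: "admin", exp: 4102444800 })}.${ds}`;
console.log(decodePayload(tampered).role, verifiedClaims(tampered, "constructed-secret"));
```

The last lines swap the payload of a validly signed token: decodePayload still returns the edited role, while verifiedClaims returns null, which is why claims read on mobile without verification should drive display only and the backend must re-verify every request.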

Relationships

Dependents (3)

Components that depend on this component

Related Data Entities (2)

Data entities managed by this component