asyavee/medusa-store
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
develop
medusa-store/www/apps/resources/app/commerce-modules/user/module-options/page.mdx
Shahed Nasser 38d486bec0 docs: document asymmetric encryption (#13922)
2025-10-31 12:55:22 +02:00

184 lines
4.4 KiB
Plaintext
Raw Permalink Blame History

---
sidebar_label: "Module Options"
---
import { Table } from "docs-ui"
export const metadata = {
title: `User Module Options`,
}
# {metadata.title}
In this guide, you'll learn about the options you can pass to the User Module.
## Options Example
```ts title="medusa-config.ts"
module.exports = defineConfig({
// ...
modules: [
{
resolve: "@medusajs/medusa/user",
options: {
jwt_secret: process.env.JWT_SECRET,
jwt_public_key: process.env.JWT_PUBLIC_KEY,
valid_duration: 60 * 60 * 24, // 24 hours
jwt_options: {
algorithm: process.env.JWT_ALGORITHM || "RS256",
issuer: process.env.JWT_ISSUER || "medusa",
},
jwt_verify_options: {
algorithms: [process.env.JWT_ALGORITHM || "RS256"],
issuer: process.env.JWT_ISSUER || "medusa",
},
},
},
],
})
```
### Environment Variables
Make sure to add the necessary environment variables for the above options to your `.env` file:
```bash
JWT_SECRET=supersecret
# Optional: For asymmetric key validation
JWT_PUBLIC_KEY=your_public_key_here
JWT_ALGORITHM=RS256
JWT_ISSUER=medusa
```
### All Options
<Table>
<Table.Header>
<Table.Row>
<Table.HeaderCell>Option</Table.HeaderCell>
<Table.HeaderCell>Description</Table.HeaderCell>
<Table.HeaderCell className="w-[15%]">Required</Table.HeaderCell>
<Table.HeaderCell className="w-[15%]">Default</Table.HeaderCell>
</Table.Row>
</Table.Header>
<Table.Body>
<Table.Row>
<Table.Cell>
`jwt_secret`
</Table.Cell>
<Table.Cell>
A string indicating the secret used to sign the invite tokens.
</Table.Cell>
<Table.Cell>
Yes
</Table.Cell>
<Table.Cell>
\-
</Table.Cell>
</Table.Row>
<Table.Row>
<Table.Cell>
`jwt_public_key`
</Table.Cell>
<Table.Cell>
A string indicating the public key used to verify JWT tokens when using asymmetric validation. Only used when the JWT secret is a private key for asymmetric signing.
Learn more in the [Asymmetric Encryption](!docs!/learn/configurations/medusa-config/asymmetric-encryption) guide.
</Table.Cell>
<Table.Cell>
No
</Table.Cell>
<Table.Cell>
\-
</Table.Cell>
</Table.Row>
<Table.Row>
<Table.Cell>
`valid_duration`
</Table.Cell>
<Table.Cell>
A number indicating the duration in seconds that an invite token is valid. This is used to set the expiration time for invite tokens.
</Table.Cell>
<Table.Cell>
No
</Table.Cell>
<Table.Cell>
`86400` seconds (`1` day)
</Table.Cell>
</Table.Row>
<Table.Row>
<Table.Cell>
`jwt_options`
</Table.Cell>
<Table.Cell>
An object containing options for signing JWT tokens when using asymmetric signing with a private/public key pair. Accepts any options from [jsonwebtoken's SignOptions](https://github.com/auth0/node-jsonwebtoken#usage), such as `algorithm`. If `expiresIn` is provided here, it will be used as a fallback if `valid_duration` is not set.
Learn more in the [Asymmetric Encryption](!docs!/learn/configurations/medusa-config/asymmetric-encryption) guide.
</Table.Cell>
<Table.Cell>
No
</Table.Cell>
<Table.Cell>
`{}`
</Table.Cell>
</Table.Row>
<Table.Row>
<Table.Cell>
`jwt_verify_options`
</Table.Cell>
<Table.Cell>
An object containing options for verifying JWT tokens when using asymmetric validation with a private/public key pair. Accepts any options from [jsonwebtoken's VerifyOptions](https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback), such as `algorithms`. If not provided, the `jwt_options` will be used for verification.
Learn more in the [Asymmetric Encryption](!docs!/learn/configurations/medusa-config/asymmetric-encryption) guide.
</Table.Cell>
<Table.Cell>
No
</Table.Cell>
<Table.Cell>
Value of `jwt_options`
</Table.Cell>
</Table.Row>
</Table.Body>
</Table>
Reference in New Issue View Git Blame Copy Permalink