Verifying user key from a token in Node

I’m doing this;

import { decodeToken, TokenVerifier } from “jsontokens”;

const parameters = UrlParser(req.url, true);
const decodedToken = decodeToken(parameters.query.token);
const publicKey = decodedToken.payload.iss;

this is how I got user publicKey, but I couldn’t figure out how can I verify the key. In this case, I have only user token which I’m sending from react app.

any help?

Hey @mehmetkose

You can verify that key signed the token like so:

Example from

import { TokenVerifier } from 'jsontokens'
const rawPublicKey = '03fdd57adec3d438ea237fe46b33ee1e016eda6b585c3e27ea66686c2ea5358479'
const verified = new TokenVerifier('ES256K', rawPublicKey).verify(token)

If you are trying to verify that a token was signed by a particular address (e.g., like profiles are signed by the name’s owner address), you can verify that the public key is the expected one like so:

blockstack.publicKeyToAddress(publicKey) === expectedAdress
1 Like

Seems like exactly what I’m looking for. I’ll try.

1 Like

BTW where can I get rawPublicKey ?
I have only user object.