@clowk/express

Express middleware for Clowk authentication

Install

npm install @clowk/express @clowk/core

Overview

Express middleware that verifies JWTs and attaches the authenticated user to req.clowk.user.

What it provides:

  • ClowkExpressMiddleware() — middleware factory
  • req.clowk.user — the decoded user after verification
  • req.clowk.userId — shortcut for the user ID

ClowkExpressMiddleware

import { ClowkExpressMiddleware } from '@clowk/express'

const auth = ClowkExpressMiddleware()

Options

OptionTypeDefaultDescription
onError(err, req, res, next) => voidReturns 401Custom error handler
extractToken(req) => string | nullAuto-detectCustom token extractor

Token extraction order

The middleware looks for the JWT in this order:

  1. Query parameter: ?token=eyJ...
  2. Cookie: clowk_token
  3. Authorization header: Bearer eyJ...

req.clowk

After successful verification, req.clowk contains:

interface ClowkRequest {
  user: {
    id: string
    email: string
    name: string
    provider: string
    iat: number
    exp: number
  }
  userId: string
}

Error handling

By default, invalid or missing tokens return a 401 response:

{ "error": "Unauthorized" }

Customize with onError:

const auth = ClowkExpressMiddleware({
  onError: (err, req, res, next) => {
    res.status(401).json({ error: err.message })
  },
})

Next steps

@clowk/nextjs

Next.js integration for Clowk authentication

@clowk/hono

Hono middleware for Clowk authentication

On this page

Install
Overview
ClowkExpressMiddleware
Options
Token extraction order
req.clowk
Error handling
Next steps