Check if JWT token is expired without cryptographic verification
Examines the token's payload to determine if it has expired by comparing
the 'exp' claim with the current timestamp. This check is performed without
cryptographic verification, making it suitable for quick expiration checks
before attempting more expensive verification operations.
The function safely handles malformed tokens by returning true (expired)
for any token that cannot be parsed, ensuring secure-by-default behavior.
Parameters
token: string
JWT token string to check for expiration
Returns boolean
True if token is expired or malformed, false if still valid
Example
// Check token expiration before verification consttoken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...';
if (isTokenExpired(token)) { console.log('Token has expired'); // Redirect to login or refresh token } else { console.log('Token is still valid'); // Proceed with API request }
Example
// Use in authentication middleware for early filtering if (isTokenExpired(accessToken)) { // Try to refresh token instead of verification returnrefreshTokens(); }
Check if JWT token is expired without cryptographic verification
Examines the token's payload to determine if it has expired by comparing the 'exp' claim with the current timestamp. This check is performed without cryptographic verification, making it suitable for quick expiration checks before attempting more expensive verification operations.
The function safely handles malformed tokens by returning true (expired) for any token that cannot be parsed, ensuring secure-by-default behavior.