Spraypaint the isomorphic, framework-agnostic Graphiti ORM


Spraypaint supports JSON Web Tokens. These can be set manually, or automatically fetched from localStorage.

To set manually:

ApplicationRecord.jwt = 'myt0k3n'

All requests will now send the header:
Authorization: Token token="myt0k3n".

To set via localStorage, simply store the token with a key of jwt and it will be set automatically. To customize the localStorage key:

ApplicationRecord.jwtStorage = "authtoken"

…or to opt-out of localStorage altogether:

ApplicationRecord.jwtStorage = false

You can control the format of the header that is sent to the server:

  class ApplicationRecord extends SpraypaintBase {
    // ... code ...
    static generateAuthHeader(token) {
      return `Bearer ${token}`
  var ApplicationRecord = SpraypaintBase.extend({
    // ... code ...
    static: {
      generateAuthHeader: function(token) {
        return "Bearer " + token;

Finally, if your server returns a refreshed JWT within the X-JWT header, it will be used in all subsequent requests (and localStorage will be updated automatically if you’re using it).