Documentation WIP

piliugin-anton · piliugin-anton · commit f8c480fee7df · 2022-06-08T02:35:51.000+05:00
diff --git a/docs/Router.md b/docs/Router.md
@@ -33,15 +33,15 @@ Below is a breakdown of the `Router` object which is essentially a mini-app that
       * `max_body_length`[`Number`]: Overrides the global `Server.max_body_length` parameter used to enforce a maximum body size limit for this route.
       * `middlewares`[`Array`]: Can be used to provide route specific middlewares.
       * `jwt`[`Object`] JWT options:
-        * **secret** (required)
+        * `secret` **(required)**
           The secret can be a primitive type String, a function that returns a String or an object { private, public }.
           In this object `{ private, public }` the `private` key is a string, buffer or object containing either the secret for HMAC algorithms or the PEM encoded private key for RSA and ECDSA. In case of a private key with passphrase an object `{ private: { key, passphrase }, public }` can be used (based on [crypto documentation](https://nodejs.org/api/crypto.html#crypto_sign_sign_private_key_output_format)), in this case be sure you pass the `algorithm` inside the signing options prefixed by the `sign` key of the plugin registering options).
           In this object `{ private, public }` the `public` key is a string or buffer containing either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA.
           Function based `secret` is supported by the `request.jwtVerify()` and `response.jwtSign()` methods and is called with `request`, `token`, and `callback` parameters.
 
-        * **cookie**[`Object`]
-          * **cookieName**[`String`]
-          * **signed**[`Boolean`]
+        * `cookie`[`Object`]
+          * `cookieName`[`String`]
+          * `signed`[`Boolean`]
 
           In some situations you may want to store a token in a cookie. This allows you to drastically reduce the attack surface of XSS on your web app with the `httpOnly` and `secure` flags. Cookies can be susceptible to CSRF. You can mitigate this by either setting the `sameSite` flag to `strict`, or by using a CSRF library
           The plugin will fallback to looking for the token in the authorization header if either of the following happens (even if the cookie option is enabled):
