Call jwt.decode with the expected algorithms

Tim Farrell 2024-02-01 14:52:46 -06:00
parent e15dbdc46a
commit 4fceb404bd


@ -48,7 +48,7 @@ def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> st
def decode_token(token: str) -> Optional[dict]: def decode_token(token: str) -> Optional[dict]:
try: try:
decoded = jwt.decode(token, SESSION_SECRET) decoded = jwt.decode(token, SESSION_SECRET, algorithms=[ALGORITHM])
return decoded return decoded
except Exception as e: except Exception as e:
return None return None
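Review bot: The `except Exception as e: return None` around the decode call reports every failure as "no token", so a configuration error is indistinguishable from a forged or expired token and leaves no trace; `e` is never used. An undefined `ALGORITHM`, a wrong-typed `SESSION_SECRET`, or (if this is PyJWT 2.x, which rejects a decode without `algorithms`) the very omission this commit fixes would all land in that branch. Catch the JWT library's own error type and log the rejection, for example `except jwt.InvalidTokenError as e:` if this is PyJWT, and let anything else propagate so it surfaces as a server error rather than a silent logout. It is also worth confirming that `ALGORITHM` is the same fixed constant `create_token` signs with (its body is outside this hunk). Finally, check that expiry is required rather than merely validated when present, which in PyJWT would be `options={"require": ["exp"]}`.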