tsndr/cloudflare-worker-jwt
1
0
Fork 0
Code Activity

Destructure payload from decode function properly

Browse Source 
The decode function returns an object containing a header and payload properties. Assigning the whole object to payload fails nbf and exp checks on verify JWT as those properties not found in decode return object directly. Instead, destructure payload property from decode return data that contains those values and check them correctly.

Signed-off-by: ZèD <imzihad@gmail.com>
This commit is contained in:
ZèD
2022-06-22 12:06:50 +06:00
committed by GitHub
parent e521f4684d
commit 1e4df43a5d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
index.js
View File

@@ -94,7 +94,7 @@ class JWT {
const importAlgorithm = this.algorithms[options.algorithm] const importAlgorithm = this.algorithms[options.algorithm]
if (!importAlgorithm) if (!importAlgorithm)
throw new Error('algorithm not found') throw new Error('algorithm not found')
const payload = this.decode(token) const { payload } = this.decode(token)
if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) { if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) {
if (options.throwError) if (options.throwError)
throw 'NOT_YET_VALID' throw 'NOT_YET_VALID'