From 1e4df43a5d6b468842b8631d56057d8f21966cf0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Z=C3=A8D?= <imzihad@gmail.com>
Date: Wed, 22 Jun 2022 12:06:50 +0600
Subject: [PATCH] Destructure payload from decode function properly
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The decode function returns an object containing a header and payload properties. Assigning the whole object to payload fails nbf and exp checks on verify JWT as those properties not found in decode return object directly. Instead, destructure payload property from decode return data that contains those values and check them correctly.

Signed-off-by: ZèD <imzihad@gmail.com>
---
 index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.js b/index.js
index e47ba01..4266fad 100644
--- a/index.js
+++ b/index.js
@@ -94,7 +94,7 @@ class JWT {
         const importAlgorithm = this.algorithms[options.algorithm]
         if (!importAlgorithm)
             throw new Error('algorithm not found')
-        const payload = this.decode(token)
+        const { payload } = this.decode(token)
         if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) {
             if (options.throwError)
                 throw 'NOT_YET_VALID'