From 7198501a403f3d55031204c54852e871db6921e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Z=C3=A8D?= <imzihad@gmail.com>
Date: Wed, 22 Jun 2022 12:06:50 +0600
Subject: [PATCH] Destructure payload from decode function properly
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The decode function returns an object containing a header and payload properties. Assigning the whole object to payload fails nbf and exp checks on verify JWT as those properties not found in decode return object directly. Instead, destructure payload property from decode return data that contains those values and check them correctly.

Signed-off-by: ZèD <imzihad@gmail.com>
---
 index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.js b/index.js
index e47ba01..4266fad 100644
--- a/index.js
+++ b/index.js
@@ -94,7 +94,7 @@ class JWT {
         const importAlgorithm = this.algorithms[options.algorithm]
         if (!importAlgorithm)
             throw new Error('algorithm not found')
-        const payload = this.decode(token)
+        const { payload } = this.decode(token)
         if (payload.nbf && payload.nbf > Math.floor(Date.now() / 1000)) {
             if (options.throwError)
                 throw 'NOT_YET_VALID'