From e7724594e269994e6600f4127ea0f57cd4c2d3f0 Mon Sep 17 00:00:00 2001
From: Toby <mail@tobias-schneider.io>
Date: Wed, 21 Feb 2024 21:04:03 +0100
Subject: [PATCH] add algorithm to header

---
 src/index.ts | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/index.ts b/src/index.ts
index 7ecda7d..fae4723 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -34,6 +34,13 @@ export type JwtHeader<T = {}> = {
      * @default "JWT"
      */
     typ?: string
+
+    /**
+     * Algorithm (default: `"HS256"`)
+     *
+     * @default "HS256"
+     */
+    alg?: JwtAlgorithm
 } & T
 
 /**
@@ -196,7 +203,13 @@ export async function verify(token: string, secret: string | JsonWebKey | Crypto
     if (!algorithm)
         throw new Error('algorithm not found')
 
-    const { payload } = decode(token)
+    const { header, payload } = decode(token)
+
+    if (header?.alg !== options.algorithm) {
+        if (options.throwError)
+            throw new Error('ALG_MISMATCH')
+        return false
+    }
 
     try {
         if (!payload)