2.5.2

remove math abs
2024-03-01 20:32:48 +01:00 · 2024-03-01 20:31:24 +01:00
3 changed files with 5 additions and 5 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "@tsndr/cloudflare-worker-jwt",
-  "version": "2.5.1",
+  "version": "2.5.2",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "@tsndr/cloudflare-worker-jwt",
-      "version": "2.5.1",
+      "version": "2.5.2",
      "license": "MIT",
      "devDependencies": {
        "@cloudflare/workers-types": "^4.20240208.0",
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@tsndr/cloudflare-worker-jwt",
-  "version": "2.5.1",
+  "version": "2.5.2",
  "description": "A lightweight JWT implementation with ZERO dependencies for Cloudflare Worker",
  "type": "module",
  "exports": "./index.js",
--- a/src/index.ts
+++ b/src/index.ts
@@ -221,10 +221,10 @@ export async function verify(token: string, secret: string | JsonWebKey | Crypto

        const now = Math.floor(Date.now() / 1000)

-        if (payload.nbf && payload.nbf > now && Math.abs(payload.nbf - now) > (options.clockTolerance ?? 0))
+        if (payload.nbf && payload.nbf > now && (payload.nbf - now) > (options.clockTolerance ?? 0))
            throw new Error("NOT_YET_VALID")

-        if (payload.exp && payload.exp <= now && Math.abs(payload.exp - now) > (options.clockTolerance ?? 0))
+        if (payload.exp && payload.exp <= now && (now - payload.exp) > (options.clockTolerance ?? 0))
            throw new Error("EXPIRED")

        const key = secret instanceof CryptoKey ? secret : await importKey(secret, algorithm, ["verify"])
Author	SHA1	Message	Date
Toby	e49bada1a5	2.5.2	2024-03-01 20:32:48 +01:00
Toby	c75c26044f	remove math abs	2024-03-01 20:31:24 +01:00