Update the JWT signing algo when the signing key is changed in the config

2020-04-11 17:26:17 -07:00
parent d3a3d4dbf5
commit 3bd48bbac1
3 changed files with 21 additions and 11 deletions
--- a/router/tokens/parser.go
+++ b/router/tokens/parser.go
@@ -6,8 +6,6 @@ import (
 	"time"
 )

-var alg *jwt.HMACSHA
-
 type TokenData interface {
 	GetPayload() *jwt.Payload
 }
@@ -18,16 +16,12 @@ type TokenData interface {
 //
 // This simply returns a parsed token.
 func ParseToken(token []byte, data TokenData) error {
-	if alg == nil {
-		alg = jwt.NewHS256([]byte(config.Get().AuthenticationToken))
-	}
-
 	verifyOptions := jwt.ValidatePayload(
 		data.GetPayload(),
 		jwt.ExpirationTimeValidator(time.Now()),
 	)

-	_, err := jwt.Verify(token, alg, &data, verifyOptions)
+	_, err := jwt.Verify(token, config.GetJwtAlgorithm(), &data, verifyOptions)

 	return err
 }