From eb8dfa82110d958623ed506d50b182812b2dc72a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Bedna=C5=99=C3=ADk?= <jan.bednarik@gmail.com>
Date: Mon, 4 Oct 2021 15:08:40 +0200
Subject: [PATCH] Fix JWT parsing

---
 olapp/core/views.py | 2 +-
 olapp/settings.py   | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/olapp/core/views.py b/olapp/core/views.py
index a145d55..4289847 100644
--- a/olapp/core/views.py
+++ b/olapp/core/views.py
@@ -284,7 +284,7 @@ class LoginRedirectView(View):
         token = request.GET.get("token")
 
         # get cookie max_age from token
-        payload = jwt.decode(token, verify=False)
+        payload = jwt.decode(token, algorithms=[settings.JWT_ALGORITHM], verify=False)
         max_age = payload["exp"] - time.time()
 
         response = HttpResponseRedirect(reverse("account"))
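Review bot: The new `jwt.decode(...)` call still passes `verify=False`, so `payload["exp"]` comes from a token whose signature was never checked, and the token is taken straight from the query string. If skipping verification is intended because this client does not hold the signing key, say so in a comment and treat `exp` as untrusted: check that it is numeric and clamp `max_age` to a sane upper bound before it sets the cookie lifetime. As far as I can tell, PyJWT 2.x no longer recognises `verify` and spells the skip as `options={"verify_signature": False}`, so confirm which version is pinned; on 2.x, adding `algorithms` would turn verification on against the default empty key. A missing `token` parameter or a payload without `exp` will also raise on these lines, though the method body continues outside the hunk and may handle that elsewhere.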
diff --git a/olapp/settings.py b/olapp/settings.py
index bf089a9..39953dd 100644
--- a/olapp/settings.py
+++ b/olapp/settings.py
@@ -114,3 +114,6 @@ OPENLOBBY_API_URL = f"{openlobby_server_dsn}/graphql"
 APP_URL = os.environ.get("APP_URL", "http://localhost:8020")
 
 ACCESS_TOKEN_COOKIE = "ol_access_token"
+
+# signature algorithm JSON Web Tokens
+JWT_ALGORITHM = "HS512"
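Review bot: The comment on `JWT_ALGORITHM` does not say who decides this value; since the only use visible in this patch is decoding a received token, it presumably has to match whatever the Open Lobby server signs with. I would word it as `# signature algorithm of JWTs issued by the Open Lobby server; must match the server's configuration`. Pinning a single value here, rather than trusting the `alg` field in the token header, is the right shape for the allow-list passed to `jwt.decode`.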
-- 
GitLab