arian/anubis-mirror
1
0
Fork 0
mirror of https://github.com/TecharoHQ/anubis.git synced 2026-04-15 21:04:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(jwt): update nonce value in challenge JWT cookie to be a string (#486)

Browse Source 
Closes https://github.com/TecharoHQ/anubis/issues/468

Signed-off-by: Jason Cameron <git@jasoncameron.dev>
This commit is contained in:
Jason Cameron
2025-05-09 20:10:28 -04:00
committed by GitHub
parent a0805cad16
commit 2b103a9ec7
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/anubis.go
View File

@@ -17,6 +17,7 @@ import (
"time"
"github.com/golang-jwt/jwt/v5"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promauto"
@@ -344,7 +345,7 @@ func (s *Server) PassChallenge(w http.ResponseWriter, r *http.Request) {
// generate JWT cookie
token := jwt.NewWithClaims(jwt.SigningMethodEdDSA, jwt.MapClaims{
"challenge": challenge,
"nonce": nonce,
"nonce": nonceStr,
"response": response,
"iat": time.Now().Unix(),
"nbf": time.Now().Add(-1 * time.Minute).Unix(),