fastify-jwt
fastify-jwt copied to clipboard
fastify
Unable to set key override on request.jwtVerify
Prerequisites
- [X] I have written a descriptive issue title
- [X] I have searched existing issues to ensure the bug has not already been reported
Fastify version
4.27.0
Plugin version
8.0.1
Node.js version
20.13.1
Operating system
Linux
Operating system version (i.e. 20.04, 11.3, 10)
alpine3.18
Description
I am unable to set a custom secret key for jwt tokens when calling
request.jwtVerify<Payload>({decode: {}, verify: { key: 'override' }})
The verify function still expects the key to be the same as set when registering fastifyJwt to fastify.
Example code:
fastify.register(fastifyJwt, {
secret: 'hunter2'
}
...
fastify.get('/verify', function (request, reply) {
const jwt = await request.jwtVerify<Payload>({decode: {}, verify: {key: 'override'}})
}
Above request fails when signing the JWT token with override, the original secret works.
Using the debugger I can see the override key is passed to jwt.js, however it is never set in const verifierOptions = mergeOptionsWithKey(options.verify || options, secretOrPublicKey).
Link to code that reproduces the bug
No response
Expected Behavior
One would expect that request.jwtVerify<Payload>({decode: {}, verify: { key: 'override' }}) will use the key specified in options.
Thanks for reporting!
Can you provide steps to reproduce? We often need a reproducible example, e.g. some code that allows someone else to recreate your problem by just copying and pasting it. If it involves more than a couple of different file, create a new repository on GitHub and add a link to that.
