Merge branch 'feat/coupon' into dev

dotbitHQ · Nov 8, 2023 · bac97b1 · bac97b1
2 parents 5e895c6 + 985a361
commit bac97b1
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/http_server/handle/check_permissions.go b/http_server/handle/check_permissions.go
@@ -38,8 +38,8 @@ func (h *HttpHandle) CheckPermissions(ctx *gin.Context) {
 
 	claims := &Claims{}
 	tkn, err := jwt.ParseWithClaims(tokenVal, claims, func(token *jwt.Token) (any, error) {
-		return config.Cfg.Das.JwtKey, nil
-	})
+		return []byte(config.Cfg.Das.JwtKey), nil
+	}, jwt.WithValidMethods([]string{jwt.SigningMethodHS256.Name}))
 	if err != nil {
 		if errors.Is(err, jwt.ErrSignatureInvalid) {
 			apiResp.ApiRespErr(api_code.ApiCodeUnauthorized, "unauthorized")

diff --git a/http_server/handle/sign_in.go b/http_server/handle/sign_in.go
@@ -113,7 +113,7 @@ func (h *HttpHandle) doSignIn(ctx *gin.Context, req *ReqSignIn, apiResp *api_cod
 	}
 
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
-	tokenString, err := token.SignedString(config.Cfg.Das.JwtKey)
+	tokenString, err := token.SignedString([]byte(config.Cfg.Das.JwtKey))
 	if err != nil {
 		apiResp.ApiRespErr(api_code.ApiCodeError500, "internal error")
 		return err