mirror of
https://github.com/open-webui/open-webui
synced 2024-11-16 13:40:55 +00:00
We should verify signatures to make the whole session secret meaningful.
This commit is contained in:
parent
03a7e35967
commit
2c1dacb9b6
@ -48,7 +48,7 @@ def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> st
|
|||||||
|
|
||||||
def decode_token(token: str) -> Optional[dict]:
|
def decode_token(token: str) -> Optional[dict]:
|
||||||
try:
|
try:
|
||||||
decoded = jwt.decode(token, SESSION_SECRET, options={"verify_signature": False})
|
decoded = jwt.decode(token, SESSION_SECRET)
|
||||||
return decoded
|
return decoded
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
return None
|
return None
|
||||||
|
Loading…
Reference in New Issue
Block a user