From 4fceb404bdbc8e250360a16b4108058af8aa50e0 Mon Sep 17 00:00:00 2001
From: Tim Farrell <tim@thecookiejar.me>
Date: Thu, 1 Feb 2024 14:52:46 -0600
Subject: [PATCH] Call `jwt.decode` with the expected algorithms

---
 backend/utils/utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/utils/utils.py b/backend/utils/utils.py
index 546799cb6..2795a6134 100644
--- a/backend/utils/utils.py
+++ b/backend/utils/utils.py
@@ -48,7 +48,7 @@ def create_token(data: dict, expires_delta: Union[timedelta, None] = None) -> st
 
 def decode_token(token: str) -> Optional[dict]:
     try:
-        decoded = jwt.decode(token, SESSION_SECRET)
+        decoded = jwt.decode(token, SESSION_SECRET, algorithms=[ALGORITHM])
         return decoded
     except Exception as e:
         return None