Skip to content
This repository has been archived by the owner on Jun 14, 2024. It is now read-only.

Commit

Permalink
fix: express-jwt vulnerability (#569)
Browse files Browse the repository at this point in the history
  • Loading branch information
@arnaud-moncel
arnaud-moncel authored May 31, 2021
1 parent c713c63 commit ebb5f0a
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
2 changes: 1 addition & 1 deletion services/dumper.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ class Dumper {
debug: '~4.0.1',
dotenv: '~6.1.0',
express: '~4.17.1',
'express-jwt': '5.3.1',
'express-jwt': '6.0.0',
[`forest-express-${orm}`]: '^7.0.0',
morgan: '1.9.1',
'require-all': '^3.0.0',
Expand Down
1 change: 1 addition & 0 deletions templates/app/app.hbs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ app.use(express.static(path.join(__dirname, 'public')));
app.use(jwt({
secret: process.env.FOREST_AUTH_SECRET,
credentialsRequired: false,
algorithms: ['HS256'],
}));

app.use('/forest', (request, response, next) => {
Expand Down

0 comments on commit ebb5f0a

Please sign in to comment.