goodgo-platform

admin/goodgo-platform

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ho Ngoc Hai	3705193f97	fix(auth): wire dual-key JWT verification into TokenService for WebSocket auth Extract shared `verifyWithRotation` helper and `makeSecretOrKeyProvider` into `jwt-rotation.ts` so both REST (passport-jwt strategy) and WebSocket (TokenService.verifyAccessToken) paths honour JWT_SECRET_PREVIOUS during secret rotation. Add env-validation for optional previous secrets and document the rotation policy for WebSocket sessions. Resolves GOO-237 Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>	2026-04-24 14:44:23 +07:00

Author

SHA1

Message

Date

Ho Ngoc Hai

3705193f97

fix(auth): wire dual-key JWT verification into TokenService for WebSocket auth

Extract shared `verifyWithRotation` helper and `makeSecretOrKeyProvider` into
`jwt-rotation.ts` so both REST (passport-jwt strategy) and WebSocket
(TokenService.verifyAccessToken) paths honour JWT_SECRET_PREVIOUS during
secret rotation. Add env-validation for optional previous secrets and
document the rotation policy for WebSocket sessions.

Resolves GOO-237

Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>

2026-04-24 14:44:23 +07:00

1 Commits