3pp-mirror/penpot
1
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-07-15 08:55:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

♻️ Refactor invitation flow

Browse source 
Enfoces security and make the flow more deterministic.
This commit is contained in:
Andrey Antukh 2022-02-15 15:33:59 +01:00 committed by Andrés Moya
parent 6486b24c8b
commit 96facc5100
7 changed files with 117 additions and 156 deletions
Download patch file Download diff file Expand all files Collapse all files

3
backend/src/app/tokens.clj
View file

@ -7,6 +7,7 @@
(ns app.tokens
"Tokens generation service."
(:require
[app.common.data :as d]
[app.common.exceptions :as ex]
[app.common.spec :as us]
[app.common.transit :as t]
@ -17,7 +18,7 @@
(defn- generate
[cfg claims]
(let [payload (t/encode claims)]
(let [payload (-> claims d/without-nils t/encode)]
(jwe/encrypt payload (::secret cfg) {:alg :a256kw :enc :a256gcm})))
(defn- verify