Updated code replacing decode with claims

niati · niati · commit bef702b20b20 · 2020-05-21T13:29:50.000-04:00
diff --git a/messages/signed-webhooks/verify-signed-webhook.js b/messages/signed-webhooks/verify-signed-webhook.js
@@ -1,7 +1,7 @@
 const jwt = require("jsonwebtoken")
 const sha256 = require('js-sha256');
 
-var decoded = jwt.verify(signature,'SECRET')
+var claims = jwt.verify(signature,'SECRET')
 if (sha256(payload) != claims["payload_hash"]) {
     // payload has been tampered with
    }

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`const jwt = require("jsonwebtoken")`
`2`	`2`	`const sha256 = require('js-sha256');`
`3`	`3`
`4`		`-var decoded = jwt.verify(signature,'SECRET')`
	`4`	`+var claims = jwt.verify(signature,'SECRET')`
`5`	`5`	`if (sha256(payload) != claims["payload_hash"]) {`
`6`	`6`	`// payload has been tampered with`
`7`	`7`	`}`