Use HS256 alg for callback url (#22)

douban · Jun 18, 2020 · 98618a1 · 98618a1
1 parent fac3842
commit 98618a1
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/helpdesk/models/db/ticket.py b/helpdesk/models/db/ticket.py
@@ -254,7 +254,7 @@ def generate_callback_url(self):
         """
         # todo: replace hardcode with url_path current url_path not working somehow
         callback_url = f'api/ticket/mark/{self.id}'
-        jwt_token = jwt.encode({'alg': 'RS256'}, {'ticket_id': self.id, 'op': 'mark'}, SESSION_SECRET_KEY)
+        jwt_token = jwt.encode({'alg': 'HS256'}, {'ticket_id': self.id, 'op': 'mark'}, SESSION_SECRET_KEY)
         callback_url_payload = {"token": jwt_token}
         return f"{DEFAULT_BASE_URL}/{callback_url}?{urlencode(callback_url_payload, quote_via=quote_plus)}"