36.2 Test endpoint for security - correct JWT (#2)

2021-09-06 14:02:47 +03:00
parent 0656dc9969
commit 7dfbf686e7
3 changed files with 39 additions and 6 deletions
--- a/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/config/JwtConfig.java
+++ b/support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/config/JwtConfig.java
@ -15,7 +15,7 @@ public class JwtConfig {
    @Bean
    public JWTVerifier jwtVerifier(@Value("${app.jwt.secret}") String secret) {

-        Algorithm algorithm = Algorithm.HMAC256(secret);
+        Algorithm algorithm = Algorithm.HMAC512(secret);
        return JWT.require(algorithm)
                .withIssuer(GET_ARRAYS_LLC)
                .build(); //Reusable verifier instance
--- a/support-portal-backend/src/main/resources/application.yml
+++ b/support-portal-backend/src/main/resources/application.yml
@ -12,7 +12,8 @@ spring:
        dialect: org.hibernate.dialect.MySQL8Dialect
 app:
  jwt:
-    secret: ${random.value}
+    secret: VeRy_5ecretP@55W0rd!
+#    secret: ${random.value} #Does not work - every time generates new value
 ---
 spring:
  config: