From 278ab4c513e73a6c8c363e73d17495eaf3008e50 Mon Sep 17 00:00:00 2001
From: Charles Bochet <charlesBochet@users.noreply.github.com>
Date: Wed, 6 Nov 2024 15:56:14 +0100
Subject: [PATCH] Fix loginToken and legacy apiToken not working (#8369)

---
 .../jwt/services/jwt-wrapper.service.ts            | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/packages/twenty-server/src/engine/core-modules/jwt/services/jwt-wrapper.service.ts b/packages/twenty-server/src/engine/core-modules/jwt/services/jwt-wrapper.service.ts
index 4ab4cd1a8..1a83e0ed1 100644
--- a/packages/twenty-server/src/engine/core-modules/jwt/services/jwt-wrapper.service.ts
+++ b/packages/twenty-server/src/engine/core-modules/jwt/services/jwt-wrapper.service.ts
@@ -59,10 +59,11 @@ export class JwtWrapperService {
     }
 
     try {
-      if (!type && !payload.workspaceId) {
+      // TODO: Deprecate this once old API KEY tokens are no longer in use
+      if (!payload.type && !payload.workspaceId && type === 'ACCESS') {
         return this.jwtService.verify(token, {
           ...options,
-          secret: this.generateAppSecretLegacy(type, payload.workspaceId),
+          secret: this.generateAppSecretLegacy(),
         });
       }
 
@@ -102,10 +103,7 @@ export class JwtWrapperService {
       .digest('hex');
   }
 
-  generateAppSecretLegacy(
-    type: WorkspaceTokenType,
-    workspaceId?: string,
-  ): string {
+  generateAppSecretLegacy(): string {
     const accessTokenSecret = this.environmentService.get(
       'ACCESS_TOKEN_SECRET',
     );
@@ -114,8 +112,6 @@ export class JwtWrapperService {
       throw new Error('ACCESS_TOKEN_SECRET is not set');
     }
 
-    return createHash('sha256')
-      .update(`${accessTokenSecret}${workspaceId}${type}`)
-      .digest('hex');
+    return accessTokenSecret;
   }
 }